From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202502 header.b=jYScv71L;
	dkim-atps=neutral
Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id B438D5A061D
	for <passt-dev@passt.top>; Wed, 19 Feb 2025 04:14:47 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202502; t=1739934871;
	bh=qbLLZvUiON8rlPqMoVGOqUjc/51sulrCo06bIGAoehE=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=jYScv71LffhARIgfN+D7k68mSnXZL4doWtF7LyfFaUS258v5D0V7YOPV9GmMLALCJ
	 7GgyCOHB+21LbrQMhRW1/NYTGSQG4zmfU25VkrdcQbzu8yEiJ6DaiZROVYFCKlAQCW
	 zyvRDhZhvnBo/XNPjb+H5jG8+NqnfAgaKi9bnkDsNVrCNp6mx15sqLidPQMMJL6PR4
	 XB43Ldmdo04+PA07kKw3PAquQUl8ASpxS6ridkB+ByAwq8kGIytTtRwJiYxugX+vjm
	 c145M8/a7+OxSVb60hU+KGH1eW8AwIab231+uF5I5oraoVoxZDCsysy7fLW6nwpckD
	 R89YkmSJdW4yQ==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4YyM1z2Kplz4x2c; Wed, 19 Feb 2025 14:14:31 +1100 (AEDT)
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>,
	passt-dev@passt.top
Subject: [PATCH 3/3] conf: Be more precise about minimum MTUs
Date: Wed, 19 Feb 2025 14:14:29 +1100
Message-ID: <20250219031429.3708026-4-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <20250219031429.3708026-1-david@gibson.dropbear.id.au>
References: <20250219031429.3708026-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: 7MW7OKOBQ7QSPIZQV5YLT4YL75JBTJ26
X-Message-ID-Hash: 7MW7OKOBQ7QSPIZQV5YLT4YL75JBTJ26
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20250219031429.3708026-4-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/7MW7OKOBQ7QSPIZQV5YLT4YL75JBTJ26/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

Currently we reject the -m option if given a value less than ETH_MAX_MTU
(68).  That define is derived from the kernel, but its name is misleading:
it doesn't really have anything to do with Ethernet per se, but is rather
the minimum payload any L2 link must be able to handle in order to carry
IPv4.  For IPv6, it's not sufficient: that requires an MTU of at least
1280.

Furthermore, the value of 68 is the minimum IP *fragment* size the link
must be able to carry.  Since we don't support IP fragmentation, it's not
sufficient for us.  Instead we should clamp the MTU to 576 for IPv4 - the
minimum IP datagram size that all hosts must be able to accept.

Move the verification of the MTU's lower bound to logic specific to the IP
versions and correct those errors.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 conf.c | 20 +++++++++++++++-----
 ip.h   |  7 +++++++
 util.h |  3 ---
 3 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/conf.c b/conf.c
index c5ee07b0..e127acc1 100644
--- a/conf.c
+++ b/conf.c
@@ -1663,9 +1663,9 @@ void conf(struct ctx *c, int argc, char **argv)
 			if (errno || *e)
 				die("Invalid MTU: %s", optarg);
 
-			if (mtu && (mtu < ETH_MIN_MTU || mtu > ETH_MAX_MTU)) {
-				die("MTU %lu out of range (%u..%u)", mtu,
-				    ETH_MIN_MTU, ETH_MAX_MTU);
+			if (mtu > ETH_MAX_MTU) {
+				die("MTU %lu too large (max %u)",
+				    mtu, ETH_MAX_MTU);
 			}
 
 			c->mtu = mtu;
@@ -1838,10 +1838,20 @@ void conf(struct ctx *c, int argc, char **argv)
 	log_conf_parsed = true;		/* Stop printing everything */
 
 	nl_sock_init(c, false);
-	if (!v6_only)
+	if (!v6_only) {
+		if (c->mtu < IPV4_MINMAX_DATAGRAM) {
+			die("MTU %"PRIu16" is too small for IPv4 (minimum %u)",
+			    c->mtu, IPV4_MINMAX_DATAGRAM);
+		}
 		c->ifi4 = conf_ip4(ifi4, &c->ip4);
-	if (!v4_only)
+	}
+	if (!v4_only) {
+		if (c->mtu < IPV6_MIN_MTU) {
+			die("MTU %"PRIu16" is too small for IPv6 (minimum %u)",
+			    c->mtu, IPV6_MIN_MTU);
+		}
 		c->ifi6 = conf_ip6(ifi6, &c->ip6);
+	}
 	if ((*c->ip4.ifname_out && !c->ifi4) ||
 	    (*c->ip6.ifname_out && !c->ifi6))
 		die("External interface not usable");
diff --git a/ip.h b/ip.h
index 1544dbf4..8f5262fa 100644
--- a/ip.h
+++ b/ip.h
@@ -104,4 +104,11 @@ static const struct in6_addr in6addr_ll_all_nodes = {
 /* IPv4 Limited Broadcast (RFC 919, Section 7), 255.255.255.255 */
 static const struct in_addr in4addr_broadcast = { 0xffffffff };
 
+/* Minimum IP datagram size all hosts must be prepared to accept (RFC 791) */
+#define IPV4_MINMAX_DATAGRAM	576
+
+#ifndef IPV6_MIN_MTU
+#define IPV6_MIN_MTU		1280
+#endif
+
 #endif /* IP_H */
diff --git a/util.h b/util.h
index 50e96d32..bdca5ee6 100644
--- a/util.h
+++ b/util.h
@@ -34,9 +34,6 @@
 #ifndef ETH_MAX_MTU
 #define ETH_MAX_MTU			USHRT_MAX
 #endif
-#ifndef ETH_MIN_MTU
-#define ETH_MIN_MTU			68
-#endif
 #ifndef IP_MAX_MTU
 #define IP_MAX_MTU			USHRT_MAX
 #endif
-- 
2.48.1