From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=fKhIq5JH; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 4EE905A0271 for ; Tue, 04 Mar 2025 13:05:30 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1741089929; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9KykNealUGZXWpM4EnPDSOWhLdITQRYzIqPdzE9pmOw=; b=fKhIq5JHZRBvxm1C3bW6tPR3KzN/yun+gf9eQFeVMHRTISJ8EBOOsFx63giKO8JKP9laZK ASGPhV7cc+lm2dt7Uxdsel/x7HJvN14CSHRp/iq2feyFgPm9e0O3BhS3Jm8lwYsgm8xOP4 cBLOJKTSTO0tibnQNlOuI29t10NASHg= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-369-0a3KD3ZkPB6XLVcextmIug-1; Tue, 04 Mar 2025 07:05:28 -0500 X-MC-Unique: 0a3KD3ZkPB6XLVcextmIug-1 X-Mimecast-MFC-AGG-ID: 0a3KD3ZkPB6XLVcextmIug_1741089927 Received: by mail-wm1-f69.google.com with SMTP id 5b1f17b1804b1-43ba50406fcso34454955e9.3 for ; Tue, 04 Mar 2025 04:05:28 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741089927; x=1741694727; h=content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=9KykNealUGZXWpM4EnPDSOWhLdITQRYzIqPdzE9pmOw=; b=A4fQ45DBCiAzcSm+pSCijraFBCqaJ9twx4PEvkdZOIH0MGOQDF4JhYyMkSkwIhFU+7 cFD7l/z/iIut1CsQMXCfW60QuUgmRkgJxt75Fn+Bva266mKcRI3yVSR+zUV6XBYbSptJ C3lULv751yC5rOBEMZ7xDOHyg3QzWAD1knC/xHcGtN/f4vpuzemjRyLqQo1UQZBiKvc1 76K+A1Nad5AJsuKZYCCcb39Mx6hnXQ/RGwaZQ5dokokqEeSqL4V8ENS/A/kiHgl1/xzE WiP7GEROwpMxxIlAfm6qEEyYzPRYWIaJg3okTIwlmWcZq3hSdnmKjigAM1UBc1E5Qqoz sdJQ== X-Gm-Message-State: AOJu0YxGQxi+lI05vcEXDuKeCjS5nF6dTcBTVrVvqBtAX5DuyzUUJqNw qUWmxlOdfFyhLqAnwI8uWHhbXS+ntnUy3zaGw0DSKfumxiW7GNjDPlxad07XA8JKct0FRHiG5FX Ao3HgDgac1ZlzT0jvwzt9jWUuWG0GG+9rMVciE19Agr50ttK0WD0DpsroNcNltDRT0Ap65J3dFy 1xNBXsDdfUjZ6l+FmxMvRUSuiR8uMUULmn X-Gm-Gg: ASbGnctXyYwqlARVc8MhUfYIn0su0ZXyulzYUrxx4M49DHYOZbUOEWd6dFVkts5j24D bz4NL1qI2vBWhOKOGTY24t8sBHjGfsbkZInspbJryseX+20nOlwpTRH/TpSrk0e/kmo4tcs79kF QRh3jzdurBXxWozzpsOUB+NqYJ8xnsFsFwWVpeLjZh7bcqr7a+rCpjryunW8AE9qXEC70CU9xff koN8bcJ0MGIlNgCFvWf5viAerlUe68vdS7oB+KBaMa1mnrkzBz++AuXkNQ0wZKU6xaL4cyXHNES AG6rGe7Jll7quMXJ7kmEF83v4zzm9U2esqmdPVRgYNEY X-Received: by 2002:a05:600c:3ba8:b0:43a:9ef6:77ec with SMTP id 5b1f17b1804b1-43ba697ef79mr132317785e9.23.1741089926744; Tue, 04 Mar 2025 04:05:26 -0800 (PST) X-Google-Smtp-Source: AGHT+IG8x/P1q7O9hJ0hnRLCcDPvZeu9bHrJ1YNxlhi5n8Lp/ne/CTDMmAxqTJPQT8UY4mdyKrgx5g== X-Received: by 2002:a05:600c:3ba8:b0:43a:9ef6:77ec with SMTP id 5b1f17b1804b1-43ba697ef79mr132316765e9.23.1741089925208; Tue, 04 Mar 2025 04:05:25 -0800 (PST) Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [176.103.220.4]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-390e47a66adsm17308024f8f.25.2025.03.04.04.05.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Mar 2025 04:05:24 -0800 (PST) Date: Tue, 4 Mar 2025 13:05:20 +0100 From: Stefano Brivio To: Jon Maloy Subject: Re: [PATCH v9 0/4] Reconstruct incoming ICMP headers for failed UDP connect and forward back Message-ID: <20250304130520.40dfaa55@elisabeth> In-Reply-To: <20250304012915.1517536-1-jmaloy@redhat.com> References: <20250304012915.1517536-1-jmaloy@redhat.com> Organization: Red Hat X-Mailer: Claws Mail 4.2.0 (GTK 3.24.41; x86_64-pc-linux-gnu) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: tamDhyRt5ErfcPhrwPacIIzcSjOox2ZwdfCHkeeXGbo_1741089927 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-ID-Hash: PMXD6O7CZZXO2BONHA4YLA4WLLHKCUEU X-Message-ID-Hash: PMXD6O7CZZXO2BONHA4YLA4WLLHKCUEU X-MailFrom: sbrivio@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top, lvivier@redhat.com, dgibson@redhat.com X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Mon, 3 Mar 2025 20:29:11 -0500 Jon Maloy wrote: > v2: - Added patch breaking out udp header creation from function > tap_udp4_send(). > - Updated the ICMP creation by using the new function. > - Added logics to find correct flow, depending on origin. > - All done after feedback from David Gibson. > v3: - More changes after feedback from David Gibson. > v4: - Even more changes after feedback from D. Gibson > v5: - Added corresponding patches for IPv6 > v6: - Fixed some small nits after comments from D. Gibson. > v7: - Added handling of all rejected ICMP messages > - Returning correct user data amount if IPv6 as per RFC 4884. > v8: - Added MTU to ICMPv4 ICMP_FRAG_NEEDED messages. > - Added ASSERT() validation to message creation functions. > v9: - Using real source address of ICMP to complement destination > address for originial UDP message when needed. > > Jon Maloy (4): > tap: break out building of udp header from tap_udp4_send function > udp: create and send ICMPv4 to local peer when applicable > tap: break out building of udp header from tap_udp6_send function > udp: create and send ICMPv6 to local peer when applicable I was about to apply those, then I realised that Coverity Scan isn't happy about a few things, listed below. I didn't check if those are false positives (I can have a look later or within a couple of days unless you get to it first). 1. --- /home/sbrivio/passt/udp.c:448:2: Type: Out-of-bounds access (ARRAY_VS_SINGLETON) /home/sbrivio/passt/udp.c:440:2: 1. path: Condition "!(dlen <= 8)", taking false branch. /home/sbrivio/passt/udp.c:444:2: 2. path: Condition "ee->ee_type == 3", taking true branch. /home/sbrivio/passt/udp.c:444:2: 3. path: Condition "ee->ee_code == 4", taking true branch. /home/sbrivio/passt/udp.c:448:2: 4. address_of: Taking address with "&msg.ip4h" yields a singleton pointer. /home/sbrivio/passt/udp.c:448:2: 5. callee_ptr_arith: Passing "&msg.ip4h" to function "tap_push_ip4h" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. /home/sbrivio/passt/tap.c:162:2: 5.1. ptr_arith: Performing pointer arithmetic on "ip4h" in expression "ip4h + 1". --- 2. --- /home/sbrivio/passt/udp.c:493:2: Type: Out-of-bounds access (ARRAY_VS_SINGLETON) /home/sbrivio/passt/udp.c:485:2: 1. path: Condition "!(dlen <= 1232UL /* 1280 - sizeof (struct udphdr) - sizeof (struct ipv6hdr) */)", taking false branch. /home/sbrivio/passt/udp.c:489:2: 2. path: Condition "ee->ee_type == 2", taking true branch. /home/sbrivio/passt/udp.c:493:2: 3. address_of: Taking address with "&msg.ip6h" yields a singleton pointer. /home/sbrivio/passt/udp.c:493:2: 4. callee_ptr_arith: Passing "&msg.ip6h" to function "tap_push_ip6h" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. /home/sbrivio/passt/tap.c:265:2: 4.1. ptr_arith: Performing pointer arithmetic on "ip6h" in expression "ip6h + 1". --- 3. --- /home/sbrivio/passt/udp.c:449:2: Type: Out-of-bounds access (ARRAY_VS_SINGLETON) /home/sbrivio/passt/udp.c:440:2: 1. path: Condition "!(dlen <= 8)", taking false branch. /home/sbrivio/passt/udp.c:444:2: 2. path: Condition "ee->ee_type == 3", taking true branch. /home/sbrivio/passt/udp.c:444:2: 3. path: Condition "ee->ee_code == 4", taking true branch. /home/sbrivio/passt/udp.c:449:2: 4. address_of: Taking address with "&msg.uh" yields a singleton pointer. /home/sbrivio/passt/udp.c:449:2: 5. callee_ptr_arith: Passing "&msg.uh" to function "tap_push_uh4" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. /home/sbrivio/passt/tap.c:190:2: 5.1. ptr_arith: Performing pointer arithmetic on "uh" in expression "uh + 1". --- 4. --- /home/sbrivio/passt/udp.c:494:2: Type: Out-of-bounds access (ARRAY_VS_SINGLETON) /home/sbrivio/passt/udp.c:485:2: 1. path: Condition "!(dlen <= 1232UL /* 1280 - sizeof (struct udphdr) - sizeof (struct ipv6hdr) */)", taking false branch. /home/sbrivio/passt/udp.c:489:2: 2. path: Condition "ee->ee_type == 2", taking true branch. /home/sbrivio/passt/udp.c:494:2: 3. address_of: Taking address with "&msg.uh" yields a singleton pointer. /home/sbrivio/passt/udp.c:494:2: 4. callee_ptr_arith: Passing "&msg.uh" to function "tap_push_uh6" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. /home/sbrivio/passt/tap.c:295:2: 4.1. ptr_arith: Performing pointer arithmetic on "uh" in expression "uh + 1". --- -- Stefano