From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top, Stefano Brivio <sbrivio@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Subject: [PATCH v2 0/3] Send RST for guest packets with no flow
Date: Wed, 5 Mar 2025 15:32:27 +1100 [thread overview]
Message-ID: <20250305043230.1576131-1-david@gibson.dropbear.id.au> (raw)
As we discussed on email, this adds support for sending an RST in
response to packets from the guest which don't match an existing flow
and are neither SYN (requesting a new connection) nor themselves RST.
This is a sligjhtly larger patch than I'd like, but I can't really see
a way to simplify it without making fairly extensive reworks to share
more code with paths for RST where there is a known connection. That
would end up being more churn.
This doesn't (IMO) correctly handle IPv6 flow labels. Fixing that
raises several additional issues regarding flow labels, so I've
decided to defer that for now.
v2:
* Assorted cosmetic fixups
* Use correct IPv6 flow label for packets
* This required two preliminary patches
* tcp_rst_no_conn() is now static
David Gibson (3):
ip: Helpers to access IPv6 flow label
tap: Consider IPv6 flow label when building packet sequences
tcp: Send RST in response to guest packets that match no connection
ip.h | 24 ++++++++++++++++++
tap.c | 25 ++++++++++---------
tap.h | 6 +++++
tcp.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
tcp.h | 2 +-
5 files changed, 118 insertions(+), 17 deletions(-)
--
2.48.1
next reply other threads:[~2025-03-05 4:32 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-05 4:32 David Gibson [this message]
2025-03-05 4:32 ` [PATCH v2 1/3] ip: Helpers to access IPv6 flow label David Gibson
2025-03-05 4:32 ` [PATCH v2 2/3] tap: Consider IPv6 flow label when building packet sequences David Gibson
2025-03-05 4:32 ` [PATCH v2 3/3] tcp: Send RST in response to guest packets that match no connection David Gibson
2025-03-05 20:46 ` [PATCH v2 0/3] Send RST for guest packets with no flow Stefano Brivio
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250305043230.1576131-1-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).