From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Sas3n+cX;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTPS id D879D5A0272
	for <passt-dev@passt.top>; Tue, 15 Apr 2025 20:54:24 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1744743263;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=jlRTcurjGqLev9NoQ0+I4JG5xjDL1j8rPHLQfHSuurk=;
	b=Sas3n+cXaM+1akrpaykN//+es0w8Qmf4zeZmIcuImhaJ4RghOG+c5WeBmfML0FwSMU3Fjr
	Xbill0XWTDpxrWPaIBd23071ENo7XvKxYdKjMkPqSaklqk/5RK0kiPZ/REbktEH4gni56o
	krksPAHjdG4a/bCtFsGF3TNpZDZwBPU=
Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com
 [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-185-C9teFAy4MumRoCmtNUFLyQ-1; Tue, 15 Apr 2025 14:54:22 -0400
X-MC-Unique: C9teFAy4MumRoCmtNUFLyQ-1
X-Mimecast-MFC-AGG-ID: C9teFAy4MumRoCmtNUFLyQ_1744743261
Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-43cf5196c25so36601975e9.0
        for <passt-dev@passt.top>; Tue, 15 Apr 2025 11:54:22 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1744743261; x=1745348061;
        h=content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=jlRTcurjGqLev9NoQ0+I4JG5xjDL1j8rPHLQfHSuurk=;
        b=iErMKlGEJsSYssEGromjM16jnhu4q2S6XeVvvMRjj7vre4QPXXqpUt1qRpCDFa5trX
         90SVSNmOtd6olfLghAQVYk7iA6Sg0WE/6F9kO0gXXKXlGaZuKOdGXadZB7i1YoIG3HEo
         2SdCKnlj5T+v112Vy4g5D1Rp9CaY9V3L1vZBWKjZqKhhRmSMfXbQJzKTOmdHkntAbCzM
         V8lhJYO3IwrjCwz5tN9f1xBKpMADzw3zapYMKpMU4wHlbtGU/iHZM7DwHW1DTXt/SkH7
         X1zpKcvq+E0td61NDPtmDC0cjd8YxnWh3uH6bhYbj4spSCuR1SfZJbnYbmGJD5piAXxw
         Cszg==
X-Gm-Message-State: AOJu0YzB0Wuvb0WDxWEhZqADfPmq9W6AdaeNesDs8alQO6rhftJ7JRio
	WUA6UPPSqAp+w+XNZMlDqUuVglRCSLh2qfnoKEa6vlzJeqHd3+Z5/NYvJCrWuv43fB+MPl60VIh
	myY8o3cX8otFrgOCVERjcwYlKvganbUJvqysvk0cG+HhQazMIcg==
X-Gm-Gg: ASbGncvflPw1zray40ivS72XXvniEwUcn380HLRHWAhIeou63eT94mZh+KlYXyNlPq+
	s2WgiH06kTWT+8S/gFY5SulXG5IR8yu5NLYaLo9gC24guaBOLzDP/BHS+QYxUWf6MB9rFaHqg8I
	KFXNSlKt0RjxIUqo/CC5vZjPocVfr60iSPTASGSvlSykuji+293KehQp93T3auzSXVVqcOFv6Y8
	/WGbvaeDjnAJrjZirFJy1v1CBh52RWet2TE2zMneK227/5BAhg9uFJo92GDyqm/Dk1Zj89ysFpN
	cXDEE84+Ezckj5JL2dvqEMUq3cXYDqDRIvLGqqjB
X-Received: by 2002:a05:600c:c07:b0:439:86fb:7340 with SMTP id 5b1f17b1804b1-4405a10c786mr2270925e9.30.1744743261287;
        Tue, 15 Apr 2025 11:54:21 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFQ7qe0x9u+pDgvmQkDc2BlF2MjdUVJBzItJyZnor24CS6R0q530aPWnQZ/c2VThATN9WGgkg==
X-Received: by 2002:a05:600c:c07:b0:439:86fb:7340 with SMTP id 5b1f17b1804b1-4405a10c786mr2269545e9.30.1744743259703;
        Tue, 15 Apr 2025 11:54:19 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [176.103.220.4])
        by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43f233c824bsm216232425e9.24.2025.04.15.11.54.19
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 15 Apr 2025 11:54:19 -0700 (PDT)
Date: Tue, 15 Apr 2025 20:54:17 +0200
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH 7/7] udp: Propagate errors on listening and brand new
 sockets
Message-ID: <20250415205417.1a3b2cde@elisabeth>
In-Reply-To: <20250415071624.2618589-8-david@gibson.dropbear.id.au>
References: <20250415071624.2618589-1-david@gibson.dropbear.id.au>
	<20250415071624.2618589-8-david@gibson.dropbear.id.au>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: Xi1Hkak1IzxZROT7Mug_zvcLHfIp3KRwCfFRBMUvC4Y_1744743261
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: HQ2ZQLGNVQGOZX7KEZJACRJMXFTZNPPE
X-Message-ID-Hash: HQ2ZQLGNVQGOZX7KEZJACRJMXFTZNPPE
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top, Jon Maloy <jmaloy@redhat.com>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20250415205417.1a3b2cde@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/HQ2ZQLGNVQGOZX7KEZJACRJMXFTZNPPE/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Tue, 15 Apr 2025 17:16:24 +1000
David Gibson <david@gibson.dropbear.id.au> wrote:

> udp_sock_recverr() processes errors on UDP sockets and attempts to
> propagate them as ICMP packets on the tap interface.  To do this it
> currently requires the flow with which the error is associated as a
> parameter.  If that's missing it will clear the error condition, but not
> propagate it.
> 
> That means that we largely ignore errors on "listening" sockets.  It also
> means we may discard some errors on flow specific sockets if they occur
> very shortly after the socket is created.  In udp_flush_flow() we need to
> clear any datagrams received between bind() and connect() which might not
> be associated with the "final" flow for the socket.  If we get errors
> before that point we'll ignore them in the same way because we don't know
> the flow they're associated with in advance.
> 
> This can happen in practice if we have errors which occur almost
> immediately after connect(), such as ECONNREFUSED when we connect() to a
> local address where nothing is listening.
> 
> Between the extended error message itself and the PKTINFO information we
> do actually have enough information to find the correct flow.  So, rather
> than ignoring errors where we don't have a flow "hint", determine the flow
> the hard way in udp_sock_recverr().
> 
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> ---
>  udp.c | 41 ++++++++++++++++++++++++++++++++---------
>  1 file changed, 32 insertions(+), 9 deletions(-)
> 
> diff --git a/udp.c b/udp.c
> index 6db3accc..c04a091b 100644
> --- a/udp.c
> +++ b/udp.c
> @@ -504,27 +504,34 @@ static int udp_pktinfo(struct msghdr *msg, union inany_addr *dst)
>   * @c:		Execution context
>   * @s:		Socket to receive errors from
>   * @sidx:	Flow and side of @s, or FLOW_SIDX_NONE if unknown
> + * @pif:	Interface on which the error occurred
> + *              (only used if @sidx == FLOW_SIDX_NONE)
> + * @port:	Local port number of @s (only used if @sidx == FLOW_SIDX_NONE)
>   *
>   * Return: 1 if error received and processed, 0 if no more errors in queue, < 0
>   *         if there was an error reading the queue
>   *
>   * #syscalls recvmsg
>   */
> -static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx)
> +static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx,
> +			    uint8_t pif, in_port_t port)
>  {
>  	struct errhdr {
>  		struct sock_extended_err ee;
>  		union sockaddr_inany saddr;
>  	};
>  	char buf[PKTINFO_SPACE + CMSG_SPACE(sizeof(struct errhdr))];
> +	const struct errhdr *eh = NULL;
>  	char data[ICMP6_MAX_DLEN];
> -	const struct errhdr *eh;
>  	struct cmsghdr *hdr;
>  	struct iovec iov = {
>  		.iov_base = data,
>  		.iov_len = sizeof(data)
>  	};
> +	union sockaddr_inany src;
>  	struct msghdr mh = {
> +		.msg_name = &src,
> +		.msg_namelen = sizeof(src),
>  		.msg_iov = &iov,
>  		.msg_iovlen = 1,
>  		.msg_control = buf,
> @@ -554,7 +561,7 @@ static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx)
>  		      hdr->cmsg_type == IP_RECVERR) ||
>  		     (hdr->cmsg_level == IPPROTO_IPV6 &&
>  		      hdr->cmsg_type == IPV6_RECVERR))
> -		    break;
> +			break;
>  	}
>  
>  	if (!hdr) {
> @@ -568,8 +575,19 @@ static int udp_sock_recverr(const struct ctx *c, int s, flow_sidx_t sidx)
>  	      str_ee_origin(&eh->ee), s, strerror_(eh->ee.ee_errno));
>  
>  	if (!flow_sidx_valid(sidx)) {
> -		trace("Ignoring received IP_RECVERR cmsg on listener socket");
> -		return 1;
> +		/* No hint from the socket, determine flow from addresses */
> +		union inany_addr dst;
> +
> +		if (udp_pktinfo(&mh, &dst) < 0) {
> +			warn("Missing PKTINFO on UDP error");

...changed this to debug(), see my comments to 5/7.

-- 
Stefano