From: Jon Maloy <jmaloy@redhat.com>
To: sbrivio@redhat.com, dgibson@redhat.com,
david@gibson.dropbear.id.au, jmaloy@redhat.com,
passt-dev@passt.top
Subject: [PATCH v4 01/12] ip: Introduce unified multi-address data structures
Date: Tue, 17 Feb 2026 17:18:03 -0500 [thread overview]
Message-ID: <20260217221814.4053583-2-jmaloy@redhat.com> (raw)
In-Reply-To: <20260217221814.4053583-1-jmaloy@redhat.com>
As preparation for supporting multiple addresses per interface, we
replace the single addr/prefix_len fields with an array. The
array consists of a new struct inany_addr_entry containing an
address and prefix length, both in inany_addr format.
Despite some necessary code refactoring, there are only two
functional changes:
- The indicated IPv6 prefix length is now properly stored, instead
of being ignored and overridden with the hardcoded value 64, as
as has been the case until now.
- Since even IPv4 addresses now are stored in IPv6 format, we
also store the corresponding prefix length in that format,
i.e. using the range [96,128] instead of [0,32].
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
---
v2: -Using inany_addr instead of protocol specific addresses as
entry address field.
v3: -Merging into one array, directly in struct ctx
-Changed prefix_len and flags fields in struct inany_addr_entry
to uint8_t, since that makes the struct directly migratable
v4: -Updated according to changes in previous commits
-Updated according to feedback from David G.
-Squashed IP4_MASK macro commit into this one
---
arp.c | 10 ++++-
conf.c | 124 +++++++++++++++++++++++++++++++++----------------------
conf.h | 7 ++++
dhcp.c | 13 ++++--
dhcpv6.c | 9 ++--
fwd.c | 18 ++++----
ip.h | 5 +++
ndp.c | 17 ++++++--
passt.h | 64 ++++++++++++++++++++++++----
pasta.c | 21 ++++++----
tap.c | 11 ++++-
11 files changed, 211 insertions(+), 88 deletions(-)
diff --git a/arp.c b/arp.c
index bb042e9..99a6a67 100644
--- a/arp.c
+++ b/arp.c
@@ -41,6 +41,8 @@
static bool ignore_arp(const struct ctx *c,
const struct arphdr *ah, const struct arpmsg *am)
{
+ struct inany_addr_entry *e = first_v4(c);
+
if (ah->ar_hrd != htons(ARPHRD_ETHER) ||
ah->ar_pro != htons(ETH_P_IP) ||
ah->ar_hln != ETH_ALEN ||
@@ -54,7 +56,7 @@ static bool ignore_arp(const struct ctx *c,
return true;
/* Don't resolve the guest's assigned address, either. */
- if (!memcmp(am->tip, &c->ip4.addr, sizeof(am->tip)))
+ if (e && !memcmp(am->tip, inany_v4(&e->addr), sizeof(am->tip)))
return true;
return false;
@@ -123,12 +125,16 @@ int arp(const struct ctx *c, struct iov_tail *data)
*/
void arp_send_init_req(const struct ctx *c)
{
+ struct inany_addr_entry *e = first_v4(c);
struct {
struct ethhdr eh;
struct arphdr ah;
struct arpmsg am;
} __attribute__((__packed__)) req;
+ if (!e)
+ return;
+
/* Ethernet header */
req.eh.h_proto = htons(ETH_P_ARP);
memcpy(req.eh.h_dest, MAC_BROADCAST, sizeof(req.eh.h_dest));
@@ -145,7 +151,7 @@ void arp_send_init_req(const struct ctx *c)
memcpy(req.am.sha, c->our_tap_mac, sizeof(req.am.sha));
memcpy(req.am.sip, &c->ip4.our_tap_addr, sizeof(req.am.sip));
memcpy(req.am.tha, MAC_BROADCAST, sizeof(req.am.tha));
- memcpy(req.am.tip, &c->ip4.addr, sizeof(req.am.tip));
+ memcpy(req.am.tip, inany_v4(&e->addr), sizeof(req.am.tip));
debug("Sending initial ARP request for guest MAC address");
tap_send_single(c, &req, sizeof(req));
diff --git a/conf.c b/conf.c
index db94f92..ee1b4fe 100644
--- a/conf.c
+++ b/conf.c
@@ -42,6 +42,7 @@
#include "tap.h"
#include "udp.h"
#include "tcp.h"
+#include "conf.h"
#include "pasta.h"
#include "lineread.h"
#include "isolation.h"
@@ -692,13 +693,16 @@ static int conf_ip4_prefix(const char *arg)
/**
* conf_ip4() - Verify or detect IPv4 support, get relevant addresses
+ * @c: Execution context
* @ifi: Host interface to attempt (0 to determine one)
- * @ip4: IPv4 context (will be written)
*
* Return: interface index for IPv4, or 0 on failure.
*/
-static unsigned int conf_ip4(unsigned int ifi, struct ip4_ctx *ip4)
+static unsigned int conf_ip4(struct ctx *c, unsigned int ifi)
{
+ struct inany_addr_entry *e = first_v4(c);
+ struct ip4_ctx *ip4 = &c->ip4;
+
if (!ifi)
ifi = nl_get_ext_if(nl_sock, AF_INET);
@@ -717,60 +721,60 @@ static unsigned int conf_ip4(unsigned int ifi, struct ip4_ctx *ip4)
}
}
- if (IN4_IS_ADDR_UNSPECIFIED(&ip4->addr)) {
+ if (!e) {
+ struct in_addr addr;
+ int prefix_len = 0;
int rc = nl_addr_get(nl_sock, ifi, AF_INET,
- &ip4->addr, &ip4->prefix_len, NULL);
+ &addr, &prefix_len, NULL);
if (rc < 0) {
debug("Couldn't discover IPv4 address: %s",
strerror_(-rc));
return 0;
}
- }
+ if (IN4_IS_ADDR_UNSPECIFIED(&addr))
+ return 0;
- if (!ip4->prefix_len) {
- in_addr_t addr = ntohl(ip4->addr.s_addr);
- if (IN_CLASSA(addr))
- ip4->prefix_len = (32 - IN_CLASSA_NSHIFT);
- else if (IN_CLASSB(addr))
- ip4->prefix_len = (32 - IN_CLASSB_NSHIFT);
- else if (IN_CLASSC(addr))
- ip4->prefix_len = (32 - IN_CLASSC_NSHIFT);
- else
- ip4->prefix_len = 32;
+ e = &c->addrs[c->addr_count++];
+ e->addr = inany_from_v4(addr);
+ e->prefix_len = prefix_len + 96;
+ e->flags = CONF_ADDR_HOST;
+ ip4->addr_seen = addr;
}
- ip4->addr_seen = ip4->addr;
-
ip4->our_tap_addr = ip4->guest_gw;
- if (IN4_IS_ADDR_UNSPECIFIED(&ip4->addr))
- return 0;
-
return ifi;
}
/**
* conf_ip4_local() - Configure IPv4 addresses and attributes for local mode
- * @ip4: IPv4 context (will be written)
+ * @c: Execution context (will be written)
*/
-static void conf_ip4_local(struct ip4_ctx *ip4)
+static void conf_ip4_local(struct ctx *c)
{
- ip4->addr_seen = ip4->addr = IP4_LL_GUEST_ADDR;
- ip4->our_tap_addr = ip4->guest_gw = IP4_LL_GUEST_GW;
- ip4->prefix_len = IP4_LL_PREFIX_LEN;
+ struct inany_addr_entry *e = &c->addrs[c->addr_count++];
+ struct ip4_ctx *ip4 = &c->ip4;
+ ip4->addr_seen = IP4_LL_GUEST_ADDR;
+ ip4->our_tap_addr = ip4->guest_gw = IP4_LL_GUEST_GW;
ip4->no_copy_addrs = ip4->no_copy_routes = true;
+ e->addr = inany_from_v4(IP4_LL_GUEST_ADDR);
+ e->prefix_len = IP4_LL_PREFIX_LEN + 96;
+ e->flags = CONF_ADDR_HOST | CONF_ADDR_LINKLOCAL;
}
/**
* conf_ip6() - Verify or detect IPv6 support, get relevant addresses
+ * @c: Execution context
* @ifi: Host interface to attempt (0 to determine one)
- * @ip6: IPv6 context (will be written)
*
* Return: interface index for IPv6, or 0 on failure.
*/
-static unsigned int conf_ip6(unsigned int ifi, struct ip6_ctx *ip6)
+static unsigned int conf_ip6(struct ctx *c, unsigned int ifi)
{
+ struct inany_addr_entry *e = first_v6(c);
+ struct ip6_ctx *ip6 = &c->ip6;
+ union inany_addr addr;
int prefix_len = 0;
int rc;
@@ -791,21 +795,26 @@ static unsigned int conf_ip6(unsigned int ifi, struct ip6_ctx *ip6)
}
}
- rc = nl_addr_get(nl_sock, ifi, AF_INET6,
- IN6_IS_ADDR_UNSPECIFIED(&ip6->addr) ? &ip6->addr : NULL,
+ rc = nl_addr_get(nl_sock, ifi, AF_INET6, &addr.a6,
&prefix_len, &ip6->our_tap_ll);
if (rc < 0) {
debug("Couldn't discover IPv6 address: %s", strerror_(-rc));
return 0;
}
- ip6->addr_seen = ip6->addr;
+ if (!e) {
+ e = &c->addrs[c->addr_count++];
+ e->addr = addr;
+ e->prefix_len = prefix_len ? prefix_len : 64;
+ e->flags = CONF_ADDR_HOST;
+ }
+
+ ip6->addr_seen = e->addr.a6;
if (IN6_IS_ADDR_LINKLOCAL(&ip6->guest_gw))
ip6->our_tap_ll = ip6->guest_gw;
- if (IN6_IS_ADDR_UNSPECIFIED(&ip6->addr) ||
- IN6_IS_ADDR_UNSPECIFIED(&ip6->our_tap_ll))
+ if (IN6_IS_ADDR_UNSPECIFIED(&ip6->our_tap_ll))
return 0;
return ifi;
@@ -813,13 +822,13 @@ static unsigned int conf_ip6(unsigned int ifi, struct ip6_ctx *ip6)
/**
* conf_ip6_local() - Configure IPv6 addresses and attributes for local mode
- * @ip6: IPv6 context (will be written)
+ * @c: Execution context (will be written)
*/
-static void conf_ip6_local(struct ip6_ctx *ip6)
+static void conf_ip6_local(struct ctx *c)
{
- ip6->our_tap_ll = ip6->guest_gw = IP6_LL_GUEST_GW;
+ c->ip6.our_tap_ll = c->ip6.guest_gw = IP6_LL_GUEST_GW;
- ip6->no_copy_addrs = ip6->no_copy_routes = true;
+ c->ip6.no_copy_addrs = c->ip6.no_copy_routes = true;
}
/**
@@ -1101,6 +1110,7 @@ static void conf_print(const struct ctx *c)
{
char buf4[INET_ADDRSTRLEN], buf6[INET6_ADDRSTRLEN];
char bufmac[ETH_ADDRSTRLEN], ifn[IFNAMSIZ];
+ struct inany_addr_entry *e;
int i;
if (c->ifi4 > 0 || c->ifi6 > 0) {
@@ -1144,14 +1154,16 @@ static void conf_print(const struct ctx *c)
inet_ntop(AF_INET, &c->ip4.map_host_loopback,
buf4, sizeof(buf4)));
- if (!c->no_dhcp) {
+ e = first_v4(c);
+ if (e && !c->no_dhcp) {
uint32_t mask;
- mask = htonl(0xffffffff << (32 - c->ip4.prefix_len));
+ mask = IN4_MASK(inany_prefix4(e));
info("DHCP:");
info(" assign: %s",
- inet_ntop(AF_INET, &c->ip4.addr, buf4, sizeof(buf4)));
+ inet_ntop(AF_INET, inany_v4(&e->addr),
+ buf4, sizeof(buf4)));
info(" mask: %s",
inet_ntop(AF_INET, &mask, buf4, sizeof(buf4)));
info(" router: %s",
@@ -1188,8 +1200,9 @@ static void conf_print(const struct ctx *c)
else
goto dns6;
- info(" assign: %s",
- inet_ntop(AF_INET6, &c->ip6.addr, buf6, sizeof(buf6)));
+ e = first_v6(c);
+ info(" assign: %s", !e ? "" :
+ inet_ntop(AF_INET6, &e->addr.a6, buf6, sizeof(buf6)));
info(" router: %s",
inet_ntop(AF_INET6, &c->ip6.guest_gw, buf6, sizeof(buf6)));
info(" our link-local: %s",
@@ -1811,6 +1824,7 @@ void conf(struct ctx *c, int argc, char **argv)
break;
}
case 'a': {
+ struct inany_addr_entry *e;
union inany_addr addr;
uint8_t prefix_len;
@@ -1834,19 +1848,27 @@ void conf(struct ctx *c, int argc, char **argv)
IN6_IS_ADDR_V4COMPAT(&addr.a6))
die("Invalid address: %s", optarg);
+ /* Legacy behaviour: overwrite existing address if any */
if (inany_v4(&addr)) {
- c->ip4.addr = *inany_v4(&addr);
- c->ip4.prefix_len = prefix_len - 96;
+ e = first_v4(c);
+ if (!e)
+ e = &c->addrs[c->addr_count++];
if (c->mode == MODE_PASTA)
c->ip4.no_copy_addrs = true;
} else {
- c->ip6.addr = addr.a6;
+ e = first_v6(c);
+ if (!e)
+ e = &c->addrs[c->addr_count++];
if (c->mode == MODE_PASTA)
c->ip6.no_copy_addrs = true;
}
+ e->prefix_len = prefix_len;
+ e->addr = addr;
+ e->flags = CONF_ADDR_USER;
break;
}
case 'n': {
+ struct inany_addr_entry *e;
int plen;
if (addr_has_prefix_len)
@@ -1857,7 +1879,9 @@ void conf(struct ctx *c, int argc, char **argv)
die("Invalid prefix length: %s", optarg);
prefix_len_from_opt = plen + 96;
- c->ip4.prefix_len = plen;
+ e = first_v4(c);
+ if (e)
+ e->prefix_len = prefix_len_from_opt;
break;
}
case 'M':
@@ -2003,9 +2027,9 @@ void conf(struct ctx *c, int argc, char **argv)
nl_sock_init(c, false);
if (!v6_only)
- c->ifi4 = conf_ip4(ifi4, &c->ip4);
+ c->ifi4 = conf_ip4(c, ifi4);
if (!v4_only)
- c->ifi6 = conf_ip6(ifi6, &c->ip6);
+ c->ifi6 = conf_ip6(c, ifi6);
if (c->ifi4 && c->mtu < IPV4_MIN_MTU) {
warn("MTU %"PRIu16" is too small for IPv4 (minimum %u)",
@@ -2028,14 +2052,14 @@ void conf(struct ctx *c, int argc, char **argv)
if (!c->ifi4 && !v6_only) {
info("IPv4: no external interface as template, use local mode");
- conf_ip4_local(&c->ip4);
+ conf_ip4_local(c);
c->ifi4 = -1;
}
if (!c->ifi6 && !v4_only) {
info("IPv6: no external interface as template, use local mode");
- conf_ip6_local(&c->ip6);
+ conf_ip6_local(c);
c->ifi6 = -1;
}
@@ -2144,7 +2168,7 @@ void conf(struct ctx *c, int argc, char **argv)
if (!c->ifi6) {
c->no_ndp = 1;
c->no_dhcpv6 = 1;
- } else if (IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr)) {
+ } else if (!first_v6(c)) {
c->no_dhcpv6 = 1;
}
diff --git a/conf.h b/conf.h
index b45ad74..bfad36f 100644
--- a/conf.h
+++ b/conf.h
@@ -6,6 +6,13 @@
#ifndef CONF_H
#define CONF_H
+/* Flags indicating origin and role of an address
+ * To be used in struct inany_addr_entry
+ */
+#define CONF_ADDR_USER BIT(0) /* User set via -a */
+#define CONF_ADDR_HOST BIT(1) /* From host interface */
+#define CONF_ADDR_LINKLOCAL BIT(2) /* Link-local address */
+
enum passt_modes conf_mode(int argc, char *argv[]);
void conf(struct ctx *c, int argc, char **argv);
diff --git a/dhcp.c b/dhcp.c
index 6b9c2e3..e4f3107 100644
--- a/dhcp.c
+++ b/dhcp.c
@@ -302,6 +302,7 @@ static void opt_set_dns_search(const struct ctx *c, size_t max_len)
*/
int dhcp(const struct ctx *c, struct iov_tail *data)
{
+ struct inany_addr_entry *e = first_v4(c);
char macstr[ETH_ADDRSTRLEN];
size_t mlen, dlen, opt_len;
struct in_addr mask, dst;
@@ -313,6 +314,7 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
const struct udphdr *uh;
struct msg m_storage;
struct msg const *m;
+ struct in_addr addr;
struct msg reply;
unsigned int i;
@@ -344,6 +346,9 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
m->op != BOOTREQUEST)
return -1;
+ ASSERT(e);
+ addr = *inany_v4(&e->addr);
+
reply.op = BOOTREPLY;
reply.htype = m->htype;
reply.hlen = m->hlen;
@@ -352,7 +357,7 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
reply.secs = 0;
reply.flags = m->flags;
reply.ciaddr = m->ciaddr;
- reply.yiaddr = c->ip4.addr;
+ reply.yiaddr = addr;
reply.siaddr = 0;
reply.giaddr = m->giaddr;
memcpy(&reply.chaddr, m->chaddr, sizeof(reply.chaddr));
@@ -404,7 +409,7 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
info(" from %s", eth_ntop(m->chaddr, macstr, sizeof(macstr)));
- mask.s_addr = htonl(0xffffffff << (32 - c->ip4.prefix_len));
+ mask.s_addr = IN4_MASK(inany_prefix4(e));
memcpy(opts[1].s, &mask, sizeof(mask));
memcpy(opts[3].s, &c->ip4.guest_gw, sizeof(c->ip4.guest_gw));
memcpy(opts[54].s, &c->ip4.our_tap_addr, sizeof(c->ip4.our_tap_addr));
@@ -412,7 +417,7 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
/* If the gateway is not on the assigned subnet, send an option 121
* (Classless Static Routing) adding a dummy route to it.
*/
- if ((c->ip4.addr.s_addr & mask.s_addr)
+ if ((addr.s_addr & mask.s_addr)
!= (c->ip4.guest_gw.s_addr & mask.s_addr)) {
/* a.b.c.d/32:0.0.0.0, 0:a.b.c.d */
opts[121].slen = 14;
@@ -469,7 +474,7 @@ int dhcp(const struct ctx *c, struct iov_tail *data)
if (m->flags & FLAG_BROADCAST)
dst = in4addr_broadcast;
else
- dst = c->ip4.addr;
+ dst = addr;
tap_udp4_send(c, c->ip4.our_tap_addr, 67, dst, 68, &reply, dlen);
diff --git a/dhcpv6.c b/dhcpv6.c
index e4df0db..801b01b 100644
--- a/dhcpv6.c
+++ b/dhcpv6.c
@@ -549,6 +549,7 @@ int dhcpv6(struct ctx *c, struct iov_tail *data,
const struct in6_addr *saddr, const struct in6_addr *daddr)
{
const struct opt_server_id *server_id = NULL;
+ struct inany_addr_entry *e = first_v6(c);
const struct opt_hdr *client_id = NULL;
/* The _storage variables can't be local to the blocks they're used in,
* because IOV_*_HEADER() may return pointers to them which are
@@ -625,7 +626,7 @@ int dhcpv6(struct ctx *c, struct iov_tail *data,
if (mh->type == TYPE_CONFIRM && server_id)
return -1;
- if (dhcpv6_ia_notonlink(data, &c->ip6.addr)) {
+ if (e && dhcpv6_ia_notonlink(data, &e->addr.a6)) {
dhcpv6_send_ia_notonlink(c, data, &client_id_base,
ntohs(client_id->l), mh->xid);
@@ -679,7 +680,8 @@ int dhcpv6(struct ctx *c, struct iov_tail *data,
tap_udp6_send(c, src, 547, tap_ip6_daddr(c, src), 546,
mh->xid, &resp, n);
- c->ip6.addr_seen = c->ip6.addr;
+ if (e)
+ c->ip6.addr_seen = e->addr.a6;
return 1;
}
@@ -703,5 +705,6 @@ void dhcpv6_init(const struct ctx *c)
memcpy(resp_not_on_link.server_id.duid_lladdr,
c->our_tap_mac, sizeof(c->our_tap_mac));
- resp.ia_addr.addr = c->ip6.addr;
+ if (first_v6(c))
+ resp.ia_addr.addr = first_v6(c)->addr.a6;
}
diff --git a/fwd.c b/fwd.c
index 44a0e10..451c757 100644
--- a/fwd.c
+++ b/fwd.c
@@ -502,6 +502,8 @@ static bool is_dns_flow(uint8_t proto, const struct flowside *ini)
static bool fwd_guest_accessible4(const struct ctx *c,
const struct in_addr *addr)
{
+ struct inany_addr_entry *e = first_v4(c);
+
if (IN4_IS_ADDR_LOOPBACK(addr))
return false;
@@ -516,7 +518,7 @@ static bool fwd_guest_accessible4(const struct ctx *c,
/* For IPv4, addr_seen is initialised to addr, so is always a valid
* address
*/
- if (IN4_ARE_ADDR_EQUAL(addr, &c->ip4.addr) ||
+ if ((e && IN4_ARE_ADDR_EQUAL(addr, inany_v4(&e->addr))) ||
IN4_ARE_ADDR_EQUAL(addr, &c->ip4.addr_seen))
return false;
@@ -537,7 +539,7 @@ static bool fwd_guest_accessible6(const struct ctx *c,
if (IN6_IS_ADDR_LOOPBACK(addr))
return false;
- if (IN6_ARE_ADDR_EQUAL(addr, &c->ip6.addr))
+ if (first_v6(c) && IN6_ARE_ADDR_EQUAL(addr, &first_v6(c)->addr.a6))
return false;
/* For IPv6, addr_seen starts unspecified, because we don't know what LL
@@ -586,10 +588,10 @@ static void nat_outbound(const struct ctx *c, const union inany_addr *addr,
*translated = inany_loopback4;
else if (inany_equals6(addr, &c->ip6.map_host_loopback))
*translated = inany_loopback6;
- else if (inany_equals4(addr, &c->ip4.map_guest_addr))
- *translated = inany_from_v4(c->ip4.addr);
- else if (inany_equals6(addr, &c->ip6.map_guest_addr))
- translated->a6 = c->ip6.addr;
+ else if (first_v4(c) && inany_equals4(addr, &c->ip4.map_guest_addr))
+ *translated = first_v4(c)->addr;
+ else if (first_v6(c) && inany_equals6(addr, &c->ip6.map_guest_addr))
+ translated->a6 = first_v6(c)->addr.a6;
else
*translated = *addr;
}
@@ -710,10 +712,10 @@ bool nat_inbound(const struct ctx *c, const union inany_addr *addr,
inany_equals6(addr, &in6addr_loopback)) {
translated->a6 = c->ip6.map_host_loopback;
} else if (!IN4_IS_ADDR_UNSPECIFIED(&c->ip4.map_guest_addr) &&
- inany_equals4(addr, &c->ip4.addr)) {
+ first_v4(c) && inany_equals(addr, &first_v4(c)->addr)) {
*translated = inany_from_v4(c->ip4.map_guest_addr);
} else if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.map_guest_addr) &&
- inany_equals6(addr, &c->ip6.addr)) {
+ first_v6(c) && inany_equals(addr, &first_v6(c)->addr)) {
translated->a6 = c->ip6.map_guest_addr;
} else if (fwd_guest_accessible(c, addr)) {
*translated = *addr;
diff --git a/ip.h b/ip.h
index bd28640..0ffd888 100644
--- a/ip.h
+++ b/ip.h
@@ -17,6 +17,8 @@
(ntohl(((struct in_addr *)(a))->s_addr) >> IN_CLASSA_NSHIFT == IN_LOOPBACKNET)
#define IN4_IS_ADDR_MULTICAST(a) \
(IN_MULTICAST(ntohl(((struct in_addr *)(a))->s_addr)))
+#define IN4_MASK(prefix) \
+ ((prefix) <= 0 ? 0 : htonl(0xffffffff << (32 - (prefix))))
#define IN4_ARE_ADDR_EQUAL(a, b) \
(((struct in_addr *)(a))->s_addr == ((struct in_addr *)b)->s_addr)
#define IN4ADDR_LOOPBACK_INIT \
@@ -135,6 +137,9 @@ static const struct in_addr in4addr_broadcast = { 0xffffffff };
#define IPV6_MIN_MTU 1280
#endif
+/* Maximum number of addresses in context address array */
+#define INANY_MAX_ADDRS 32
+
int ip4_class_prefix_len(const struct in_addr *addr);
#endif /* IP_H */
diff --git a/ndp.c b/ndp.c
index eb9e313..03e43f7 100644
--- a/ndp.c
+++ b/ndp.c
@@ -257,7 +257,7 @@ static void ndp_ra(const struct ctx *c, const struct in6_addr *dst)
.valid_lifetime = ~0U,
.pref_lifetime = ~0U,
},
- .prefix = c->ip6.addr,
+ .prefix = IN6ADDR_ANY_INIT,
.source_ll = {
.header = {
.type = OPT_SRC_L2_ADDR,
@@ -265,8 +265,13 @@ static void ndp_ra(const struct ctx *c, const struct in6_addr *dst)
},
},
};
+ struct inany_addr_entry *e = first_v6(c);
unsigned char *ptr = NULL;
+ ASSERT(e);
+
+ ra.prefix = e->addr.a6;
+
ptr = &ra.var[0];
if (c->mtu) {
@@ -458,6 +463,7 @@ first:
*/
void ndp_send_init_req(const struct ctx *c)
{
+ struct inany_addr_entry *e = first_v6(c);
struct ndp_ns ns = {
.ih = {
.icmp6_type = NS,
@@ -466,8 +472,13 @@ void ndp_send_init_req(const struct ctx *c)
.icmp6_solicited = 0, /* Reserved */
.icmp6_override = 0, /* Reserved */
},
- .target_addr = c->ip6.addr
+ .target_addr = IN6ADDR_ANY_INIT
};
+
+ if (!e)
+ return;
+
+ ns.target_addr = e->addr.a6;
debug("Sending initial NDP NS request for guest MAC address");
- ndp_send(c, &c->ip6.addr, &ns, sizeof(ns));
+ ndp_send(c, &e->addr.a6, &ns, sizeof(ns));
}
diff --git a/passt.h b/passt.h
index 79d01dd..2a78ff5 100644
--- a/passt.h
+++ b/passt.h
@@ -64,11 +64,21 @@ enum passt_modes {
MODE_VU,
};
+/**
+ * struct inany_addr_entry - Unified IPv4/IPv6 address entry
+ * @addr: IPv4 (as mapped) or IPv6 address
+ * @prefix_len: Prefix length in IPv6/IPv4-mapped [0,128]/[96,128] format
+ * @flags: CONF_ADDR_* flags
+ */
+struct inany_addr_entry {
+ union inany_addr addr;
+ uint8_t prefix_len;
+ uint8_t flags;
+};
+
/**
* struct ip4_ctx - IPv4 execution context
- * @addr: IPv4 address assigned to guest
* @addr_seen: Latest IPv4 address seen as source from tap
- * @prefixlen: IPv4 prefix length (netmask)
* @guest_gw: IPv4 gateway as seen by the guest
* @map_host_loopback: Outbound connections to this address are NATted to the
* host's 127.0.0.1
@@ -84,10 +94,7 @@ enum passt_modes {
* @no_copy_addrs: Don't copy all addresses when configuring namespace
*/
struct ip4_ctx {
- /* PIF_TAP addresses */
- struct in_addr addr;
struct in_addr addr_seen;
- int prefix_len;
struct in_addr guest_gw;
struct in_addr map_host_loopback;
struct in_addr map_guest_addr;
@@ -107,7 +114,6 @@ struct ip4_ctx {
/**
* struct ip6_ctx - IPv6 execution context
- * @addr: IPv6 address assigned to guest
* @addr_seen: Latest IPv6 global/site address seen as source from tap
* @addr_ll_seen: Latest IPv6 link-local address seen as source from tap
* @guest_gw: IPv6 gateway as seen by the guest
@@ -125,8 +131,6 @@ struct ip4_ctx {
* @no_copy_addrs: Don't copy all addresses when configuring namespace
*/
struct ip6_ctx {
- /* PIF_TAP addresses */
- struct in6_addr addr;
struct in6_addr addr_seen;
struct in6_addr addr_ll_seen;
struct in6_addr guest_gw;
@@ -181,6 +185,8 @@ struct ip6_ctx {
* @fqdn: Guest FQDN
* @ifi6: Template interface for IPv6, -1: none, 0: IPv6 disabled
* @ip6: IPv6 configuration
+ * @addrs: Unified address array for both IPv4 (mapped) and IPv6
+ * @addr_count: Number of active entries in @addrs array
* @pasta_ifn: Name of namespace interface for pasta
* @pasta_ifi: Index of namespace interface for pasta
* @pasta_conf_ns: Configure namespace after creating it
@@ -257,6 +263,9 @@ struct ctx {
int ifi6;
struct ip6_ctx ip6;
+ struct inany_addr_entry addrs[INANY_MAX_ADDRS];
+ int addr_count;
+
char pasta_ifn[IF_NAMESIZE];
unsigned int pasta_ifi;
int pasta_conf_ns;
@@ -294,6 +303,45 @@ struct ctx {
bool migrate_exit;
};
+/**
+ * first_v4() - Get first IPv4 address entry
+ * @c: Pointer to struct ctx
+ *
+ * Return: pointer to first IPv4 entry, or NULL if none
+ */
+static inline struct inany_addr_entry *first_v4(const struct ctx *c)
+{
+ for (int i = 0; i < c->addr_count; i++)
+ if (inany_v4(&c->addrs[i].addr))
+ return (struct inany_addr_entry *)&c->addrs[i];
+ return NULL;
+}
+
+/**
+ * first_v6() - Get first IPv6 address entry
+ * @c: Pointer to struct ctx
+ *
+ * Return: pointer to first IPv6 entry, or NULL if none
+ */
+static inline struct inany_addr_entry *first_v6(const struct ctx *c)
+{
+ for (int i = 0; i < c->addr_count; i++)
+ if (!inany_v4(&c->addrs[i].addr))
+ return (struct inany_addr_entry *)&c->addrs[i];
+ return NULL;
+}
+
+/**
+ * inany_prefix4() - Get IPv4 prefix length from address entry
+ * @e: Address entry (must be IPv4)
+ *
+ * Return: prefix length in IPv4 format (0-32)
+ */
+static inline int inany_prefix4(const struct inany_addr_entry *e)
+{
+ return e->prefix_len - 96;
+}
+
void proto_update_l2_buf(const unsigned char *eth_d);
#endif /* PASST_H */
diff --git a/pasta.c b/pasta.c
index c307b8a..4728445 100644
--- a/pasta.c
+++ b/pasta.c
@@ -327,6 +327,7 @@ void pasta_ns_conf(struct ctx *c)
if (c->pasta_conf_ns) {
unsigned int flags = IFF_UP;
+ struct inany_addr_entry *e;
if (c->mtu)
nl_link_set_mtu(nl_sock_ns, c->pasta_ifi, c->mtu);
@@ -338,10 +339,12 @@ void pasta_ns_conf(struct ctx *c)
if (c->ifi4) {
if (c->ip4.no_copy_addrs) {
- rc = nl_addr_set(nl_sock_ns, c->pasta_ifi,
- AF_INET,
- &c->ip4.addr,
- c->ip4.prefix_len);
+ e = first_v4(c);
+ if (e)
+ rc = nl_addr_set(nl_sock_ns,
+ c->pasta_ifi, AF_INET,
+ inany_v4(&e->addr),
+ e->prefix_len - 96);
} else {
rc = nl_addr_dup(nl_sock, c->ifi4,
nl_sock_ns, c->pasta_ifi,
@@ -387,11 +390,13 @@ void pasta_ns_conf(struct ctx *c)
0, IFF_NOARP);
if (c->ip6.no_copy_addrs) {
- if (!IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr)) {
+ e = first_v6(c);
+ if (e)
rc = nl_addr_set(nl_sock_ns,
- c->pasta_ifi, AF_INET6,
- &c->ip6.addr, 64);
- }
+ c->pasta_ifi,
+ AF_INET6,
+ &e->addr.a6,
+ e->prefix_len);
} else {
rc = nl_addr_dup(nl_sock, c->ifi6,
nl_sock_ns, c->pasta_ifi,
diff --git a/tap.c b/tap.c
index 9d1344b..4298dcd 100644
--- a/tap.c
+++ b/tap.c
@@ -47,6 +47,7 @@
#include "ip.h"
#include "iov.h"
#include "passt.h"
+#include "conf.h"
#include "arp.h"
#include "dhcp.h"
#include "ndp.h"
@@ -951,8 +952,14 @@ resume:
c->ip6.addr_seen = *saddr;
}
- if (IN6_IS_ADDR_UNSPECIFIED(&c->ip6.addr))
- c->ip6.addr = *saddr;
+ if (!first_v6(c) && c->addr_count < INANY_MAX_ADDRS) {
+ struct inany_addr_entry *e;
+
+ e = &c->addrs[c->addr_count++];
+ e->addr.a6 = *saddr;
+ e->prefix_len = 64;
+ e->flags = CONF_ADDR_LINKLOCAL;
+ }
} else if (!IN6_IS_ADDR_UNSPECIFIED(saddr)){
c->ip6.addr_seen = *saddr;
}
--
2.52.0
next prev parent reply other threads:[~2026-02-17 22:18 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-17 22:18 [PATCH v4 00/12] Introduce multiple addresses Jon Maloy
2026-02-17 22:18 ` Jon Maloy [this message]
2026-02-17 22:18 ` [PATCH v4 02/12] ip: Introduce for_each_addr() macro for address iteration Jon Maloy
2026-02-17 22:18 ` [PATCH v4 03/12] fwd: Unify guest accessibility checks with unified address array Jon Maloy
2026-02-17 22:18 ` [PATCH v4 04/12] arp: Check all configured addresses in ARP filtering Jon Maloy
2026-02-17 22:18 ` [PATCH v4 05/12] pasta: Extract pasta_ns_conf_ip4/6() to reduce nesting Jon Maloy
2026-02-17 22:18 ` [PATCH v4 06/12] netlink: Return prefix length for IPv6 addresses in nl_addr_get() Jon Maloy
2026-02-17 22:18 ` [PATCH v4 07/12] conf: Allow multiple -a/--address options per address family Jon Maloy
2026-02-17 22:18 ` [PATCH v4 08/12] ip: Track observed guest IPv4 addresses in unified address array Jon Maloy
2026-02-18 14:14 ` Jon Maloy
2026-02-17 22:18 ` [PATCH v4 09/12] ip: Track observed guest IPv6 " Jon Maloy
2026-02-17 22:18 ` [PATCH v4 10/12] fwd: Unify fwd_set_observed_ip4() and fwd_set_observed_ip6() Jon Maloy
2026-02-17 22:18 ` [PATCH v4 11/12] migrate: Rename v1 address functions to v2 for clarity Jon Maloy
2026-02-17 22:18 ` [PATCH v4 12/12] migrate: Update protocol to v3 for multi-address support Jon Maloy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260217221814.4053583-2-jmaloy@redhat.com \
--to=jmaloy@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=dgibson@redhat.com \
--cc=passt-dev@passt.top \
--cc=sbrivio@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://passt.top/passt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).