From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=HZJbCwOO;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTPS id CC0CE5A0265
	for <passt-dev@passt.top>; Wed, 25 Mar 2026 01:54:29 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1774400068;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=6QNXomHUmgICc08ObKrgfQVcAIjQ3og2+PL8nIE77IU=;
	b=HZJbCwOOHTOvK1PG1ZTjv1WpJhq2OsDzOP3PIGx4flXQpBLBReIljpOLHS2pxPdzcr/Kz0
	94prNfIIUTofG9EFN1N9zEMBB4+W/upblp8ELnN5FXA5e/4fbvDIOtWJfeGyEyXRLbMwXZ
	Q8nOtl/XP4/unde956Ul1OYm6oAr87U=
Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com
 [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-533-eD3EylNZNnuYp7kOMj9gsg-1; Tue, 24 Mar 2026 20:54:27 -0400
X-MC-Unique: eD3EylNZNnuYp7kOMj9gsg-1
X-Mimecast-MFC-AGG-ID: eD3EylNZNnuYp7kOMj9gsg_1774400066
Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-485397788b3so57920115e9.2
        for <passt-dev@passt.top>; Tue, 24 Mar 2026 17:54:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1774400066; x=1775004866;
        h=date:content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:x-gm-gg
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=6QNXomHUmgICc08ObKrgfQVcAIjQ3og2+PL8nIE77IU=;
        b=PcOvroAqulCvjR8g1JCm2/HO4yoo/55qZVzgHUqnKAQx5EOHW5QpK1/xQ9eDtfXHYN
         GzQcq2ub15JXUvQuoGpGg5LeiLGHfxUIGuaSAV0qdLybxotz1foaGTj1XAHCf+H9Wzsi
         iIYiJHSgfCQiY4s5u3l/qyIhDe1Wp5+j8gtS9bJhBKPODUPuiD+WaD0I6oqconTPhiUT
         tIP0XVREUq5gBrzkVdehW0MYV+3lJd8WGsIpnXINgK0HV1LGkr8OA92e56HZjIXCWd3l
         HFv+NWp92qL3d6VVrcY7vVsKWQRKzcZl60wYrjV7tlzBFrr3PndH/A3V7w3CzEChoyfG
         W3/Q==
X-Gm-Message-State: AOJu0YxURHpNc++ULvgl7yntADyybVH+hKTyzQ8SfzKho42XVv7t3V1t
	TfK/AHENz7fFeoATNxiMC4e4j1v7awurX2F5Pmj8HRKYPdSh5Rfu53a1qYkr75CN/JXwZXrMRNJ
	JSISmBkxXki0slUgjpZODwmojr3e/IKMZgHW2hpOCrasBvt1bcA8ayA==
X-Gm-Gg: ATEYQzziFWBUSgPrcFWcMKSETHTNJDFSa2D/bRzE9qq+OV5aKNIWm8e+u9cl9b/CW7/
	o1JowHHB6xfiAG8Uj9357VSmECNFXJCxA8yCriqP9RGzIeRtMSUQOjC/1mSOApSMg+FsOSU447N
	4EJnLwHGHsN3lZwBSootRfVSLQGOTjHdAe60tz/eFCIWvt9xEd2ig3uLjMt6fo+rdZYR6XNcnw9
	8a+fSN1x7LqMphCoJaYYzmkjE8uYKEO9dHxdtZL0YUurhHFVpQcrK+t7EBpGCHozJOunE0dYNKP
	qnv+6QZbJbneyfZicWzyd+xiPCFB5VFPr9kITSHvvx5q75zU+14HGsX2bw7THnJrcpvdxSK68/S
	pp9JyMK326uaMs08pNJrWjXYc1a6ZNWvz
X-Received: by 2002:a05:600c:3511:b0:486:fc5f:1ab9 with SMTP id 5b1f17b1804b1-48715feab33mr24272185e9.14.1774400065637;
        Tue, 24 Mar 2026 17:54:25 -0700 (PDT)
X-Received: by 2002:a05:600c:3511:b0:486:fc5f:1ab9 with SMTP id 5b1f17b1804b1-48715feab33mr24272045e9.14.1774400065089;
        Tue, 24 Mar 2026 17:54:25 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-487116d82e4sm181231165e9.12.2026.03.24.17.54.24
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 24 Mar 2026 17:54:24 -0700 (PDT)
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH v3 07/25] fwd: Store forwarding tables indexed by
 (origin) pif
Message-ID: <20260325015423.4c217023@elisabeth>
In-Reply-To: <20260323073732.3158468-8-david@gibson.dropbear.id.au>
References: <20260323073732.3158468-1-david@gibson.dropbear.id.au>
	<20260323073732.3158468-8-david@gibson.dropbear.id.au>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.49; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Date: Wed, 25 Mar 2026 01:54:24 +0100 (CET)
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: kDyJKR9Slbbqmi5VwVf2QEFCGBG1oeB_7f9j92zdKy4_1774400066
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: EYSHIJJZSMGUGZE2PJHZICO2VTJJJO5P
X-Message-ID-Hash: EYSHIJJZSMGUGZE2PJHZICO2VTJJJO5P
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20260325015423.4c217023@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/EYSHIJJZSMGUGZE2PJHZICO2VTJJJO5P/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Mon, 23 Mar 2026 18:37:14 +1100
David Gibson <david@gibson.dropbear.id.au> wrote:

> Currently we store the inbound (PIF_HOST) and outbound (PIF_SPLICE)
> forwarding tables in separate fields of struct ctx.  In a number of places
> this requires somewhat awkward if or switch constructs to select the
> right table for updates.  Conceptually simplify that by using an index of
> forwarding tables by pif, which as a bonus keeps track generically which
> pifs have implemented forwarding tables so far.
> 
> For now this doesn't simplify a lot textually, because many places that
> need this also have other special cases to apply by pif.  It does simplify
> a few crucial places though, and we expect it will become more useful as
> the flexibility of the forwarding table is improved.
> 
> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
> ---
>  conf.c  | 58 +++++++++++++++++++++++++++++++-------------------
>  flow.c  | 22 +++++++------------
>  fwd.c   | 65 ++++++++++++++++++++++++++++++---------------------------
>  fwd.h   |  4 ++--
>  passt.h |  6 ++----
>  5 files changed, 83 insertions(+), 72 deletions(-)
> 
> diff --git a/conf.c b/conf.c
> index b1ebb4a4..6ca61b74 100644
> --- a/conf.c
> +++ b/conf.c
> @@ -1252,11 +1252,17 @@ dns6:
>  		}
>  	}
>  
> -	info("Inbound forwarding:");
> -	fwd_rules_print(&c->fwd_in);
> -	if (c->mode == MODE_PASTA) {
> -		info("Outbound forwarding:");
> -		fwd_rules_print(&c->fwd_out);
> +	for (i = 0; i < PIF_NUM_TYPES; i++) {
> +		const char *dir = "Outbound";
> +
> +		if (!c->fwd[i])
> +			continue;
> +
> +		if (i == PIF_HOST)
> +			dir = "Inbound";
> +
> +		info("%s forwarding rules (%s):", dir, pif_name(i));
> +		fwd_rules_print(c->fwd[i]);
>  	}
>  }
>  
> @@ -2154,18 +2160,24 @@ void conf(struct ctx *c, int argc, char **argv)
>  
>  	/* Forwarding options can be parsed now, after IPv4/IPv6 settings */
>  	fwd_probe_ephemeral();
> +	fwd_rule_init(c);
>  	optind = 0;
>  	do {
>  		name = getopt_long(argc, argv, optstring, options, NULL);
>  
> -		if (name == 't')
> -			conf_ports(c, name, optarg, &c->fwd_in, &tcp_in_mode);
> -		else if (name == 'u')
> -			conf_ports(c, name, optarg, &c->fwd_in, &udp_in_mode);
> -		else if (name == 'T')
> -			conf_ports(c, name, optarg, &c->fwd_out, &tcp_out_mode);
> -		else if (name == 'U')
> -			conf_ports(c, name, optarg, &c->fwd_out, &udp_out_mode);
> +		if (name == 't') {
> +			conf_ports(c, name, optarg, c->fwd[PIF_HOST],
> +				   &tcp_in_mode);
> +		} else if (name == 'u') {
> +			conf_ports(c, name, optarg, c->fwd[PIF_HOST],
> +				   &udp_in_mode);
> +		} else if (name == 'T') {
> +			conf_ports(c, name, optarg, c->fwd[PIF_SPLICE],
> +				   &tcp_out_mode);
> +		} else if (name == 'U') {
> +			conf_ports(c, name, optarg, c->fwd[PIF_SPLICE],
> +				   &udp_out_mode);
> +		}
>  	} while (name != -1);
>  
>  	if (c->mode == MODE_PASTA)
> @@ -2224,20 +2236,24 @@ void conf(struct ctx *c, int argc, char **argv)
>  		udp_out_mode = fwd_default;
>  
>  	if (tcp_in_mode == FWD_MODE_AUTO) {
> -		conf_ports_range_except(c, 't', "auto", &c->fwd_in, NULL, NULL,
> -					1, NUM_PORTS - 1, NULL, 1, FWD_SCAN);
> +		conf_ports_range_except(c, 't', "auto", c->fwd[PIF_HOST],
> +					NULL, NULL, 1, NUM_PORTS - 1, NULL, 1,
> +					FWD_SCAN);
>  	}
>  	if (tcp_out_mode == FWD_MODE_AUTO) {
> -		conf_ports_range_except(c, 'T', "auto", &c->fwd_out, NULL, "lo",
> -					1, NUM_PORTS - 1, NULL, 1, FWD_SCAN);
> +		conf_ports_range_except(c, 'T', "auto", c->fwd[PIF_SPLICE],
> +					NULL, "lo", 1, NUM_PORTS - 1, NULL, 1,
> +					FWD_SCAN);
>  	}
>  	if (udp_in_mode == FWD_MODE_AUTO) {
> -		conf_ports_range_except(c, 'u', "auto", &c->fwd_in, NULL, NULL,
> -					1, NUM_PORTS - 1, NULL, 1, FWD_SCAN);
> +		conf_ports_range_except(c, 'u', "auto", c->fwd[PIF_HOST],
> +					NULL, NULL, 1, NUM_PORTS - 1, NULL, 1,
> +					FWD_SCAN);
>  	}
>  	if (udp_out_mode == FWD_MODE_AUTO) {
> -		conf_ports_range_except(c, 'U', "auto", &c->fwd_out, NULL, "lo",
> -					1, NUM_PORTS - 1, NULL, 1, FWD_SCAN);
> +		conf_ports_range_except(c, 'U', "auto", c->fwd[PIF_SPLICE],
> +					NULL, "lo", 1, NUM_PORTS - 1, NULL, 1,
> +					FWD_SCAN);
>  	}
>  
>  	if (!c->quiet)
> diff --git a/flow.c b/flow.c
> index c84857b2..2972ab87 100644
> --- a/flow.c
> +++ b/flow.c
> @@ -503,10 +503,10 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
>  {
>  	char estr[INANY_ADDRSTRLEN], ostr[INANY_ADDRSTRLEN];
>  	struct flow_common *f = &flow->f;
> +	const struct fwd_table *fwd = c->fwd[f->pif[INISIDE]];
>  	const struct flowside *ini = &f->side[INISIDE];
>  	struct flowside *tgt = &f->side[TGTSIDE];
>  	const struct fwd_rule *rule = NULL;
> -	const struct fwd_table *fwd;
>  	uint8_t tgtpif = PIF_NONE;
>  
>  	assert(flow_new_entry == flow && f->state == FLOW_STATE_INI);
> @@ -514,6 +514,11 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
>  	assert(f->pif[INISIDE] != PIF_NONE && f->pif[TGTSIDE] == PIF_NONE);
>  	assert(flow->f.state == FLOW_STATE_INI);
>  
> +	if (fwd) {
> +		if (!(rule = fwd_rule_search(fwd, ini, proto, rule_hint)))
> +			goto norule;
> +	}
> +
>  	switch (f->pif[INISIDE]) {
>  	case PIF_TAP:
>  		memcpy(f->tap_omac, MAC_UNDEF, ETH_ALEN);
> @@ -521,20 +526,10 @@ struct flowside *flow_target(const struct ctx *c, union flow *flow,
>  		break;
>  
>  	case PIF_SPLICE:
> -		fwd = &c->fwd_out;
> -
> -		if (!(rule = fwd_rule_search(fwd, ini, proto, rule_hint)))
> -			goto norule;
> -

Coverity Scan doesn't like this:

/home/sbrivio/passt/flow.c:528:3:
  Type: Explicit null dereferenced (FORWARD_NULL)

/home/sbrivio/passt/flow.c:508:2:
  1. assign_zero: Assigning: "rule" = "NULL".
/home/sbrivio/passt/flow.c:511:2:
  2. path: Condition "flow_new_entry == flow", taking true branch.
/home/sbrivio/passt/flow.c:511:2:
  3. path: Condition "f->state == FLOW_STATE_INI", taking true branch.
/home/sbrivio/passt/flow.c:512:2:
  4. path: Condition "f->type == FLOW_TYPE_NONE", taking true branch.
/home/sbrivio/passt/flow.c:513:2:
  5. path: Condition "f->pif[0] != PIF_NONE", taking true branch.
/home/sbrivio/passt/flow.c:513:2:
  6. path: Condition "f->pif[1] == PIF_NONE", taking true branch.
/home/sbrivio/passt/flow.c:514:2:
  7. path: Condition "flow->f.state == FLOW_STATE_INI", taking true branch.
/home/sbrivio/passt/flow.c:516:2:
  8. path: Condition "fwd", taking false branch.
/home/sbrivio/passt/flow.c:521:2:
  9. path: Switch case value "PIF_SPLICE".
/home/sbrivio/passt/flow.c:528:3:
  10. var_deref_model: Passing null pointer "rule" to "fwd_nat_from_splice", which dereferences it.
/home/sbrivio/passt/fwd.c:1095:2:
  10.1. path: Condition "!inany_is_loopback(&ini->eaddr)", taking false branch.
/home/sbrivio/passt/fwd.c:1095:2:
  10.2. path: Condition "!inany_is_loopback(&ini->oaddr)", taking false branch.
/home/sbrivio/passt/fwd.c:1112:2:
  10.3. path: Condition "proto == IPPROTO_UDP", taking true branch.
/home/sbrivio/passt/fwd.c:1116:2:
  10.4. dereference: Dereferencing pointer "rule".

>  		tgtpif = fwd_nat_from_splice(rule, proto, ini, tgt);
>  		break;
>  
>  	case PIF_HOST:
> -		fwd = &c->fwd_in;
> -
> -		if (!(rule = fwd_rule_search(fwd, ini, proto, rule_hint)))
> -			goto norule;
> -

...and not this either:

/home/sbrivio/passt/flow.c:532:3:
  Type: Explicit null dereferenced (FORWARD_NULL)

/home/sbrivio/passt/flow.c:508:2:
  1. assign_zero: Assigning: "rule" = "NULL".
/home/sbrivio/passt/flow.c:511:2:
  2. path: Condition "flow_new_entry == flow", taking true branch.
/home/sbrivio/passt/flow.c:511:2:
  3. path: Condition "f->state == FLOW_STATE_INI", taking true branch.
/home/sbrivio/passt/flow.c:512:2:
  4. path: Condition "f->type == FLOW_TYPE_NONE", taking true branch.
/home/sbrivio/passt/flow.c:513:2:
  5. path: Condition "f->pif[0] != PIF_NONE", taking true branch.
/home/sbrivio/passt/flow.c:513:2:
  6. path: Condition "f->pif[1] == PIF_NONE", taking true branch.
/home/sbrivio/passt/flow.c:514:2:
  7. path: Condition "flow->f.state == FLOW_STATE_INI", taking true branch.
/home/sbrivio/passt/flow.c:516:2:
  8. path: Condition "fwd", taking false branch.
/home/sbrivio/passt/flow.c:521:2:
  9. path: Switch case value "PIF_HOST".
/home/sbrivio/passt/flow.c:532:3:
  10. var_deref_model: Passing null pointer "rule" to "fwd_nat_from_host", which dereferences it.
/home/sbrivio/passt/fwd.c:1173:2:
  10.1. dereference: Dereferencing pointer "rule".

I haven't checked why.

>  		tgtpif = fwd_nat_from_host(c, rule, proto, ini, tgt);
>  		fwd_neigh_mac_get(c, &tgt->oaddr, f->tap_omac);
>  		break;
>
> [...]

-- 
Stefano