From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from gandalf.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id 11BA95A026D
	for <passt-dev@passt.top>; Fri, 26 Apr 2024 05:23:57 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202312; t=1714101832;
	bh=luR7Mpo7dcMf85O7uWs/fWcMYMLTzIohCi38J2Bz6b4=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=G6jaiVBPY7PluljZt0Hg5yYlp5FPIdUG2wMcHpFpjwEHhPeYuteVhcG6a6VkKb2Q/
	 rkmq7xnL6uMX9m3GbeTBco04XG67okdW0AvbA7GyCyIMazbeQesORbBWUJX+cQzE3o
	 f/aolzv1WkVtIHh7k6PVbgLP0WA5G4EYYBFywfccIz+1+TQLoIXeOjE76Cx5l+YFfn
	 j/XLYJ5ruil/WpTz9j8hujTDdo3/OT9EA3OFv7OsLOsUbvlPkLB3UP0YHq6yVZEnr3
	 niehSd9UTogddq4gDzHwVaMo1Lt2qd5pckkMssYi9qIIpBUfCrPRGaQp7z+PD2F1jG
	 lelCLcDunAIIw==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4VQdNm5VFKz4wnv; Fri, 26 Apr 2024 13:23:52 +1000 (AEST)
Date: Fri, 26 Apr 2024 13:23:44 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH] netlink: For IPv4, IFA_LOCAL is the interface address,
 not IFA_ADDRESS
Message-ID: <ZiseQH3x59_1xqsi@zatzit>
References: <20240425052943.171357-1-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="uJ2CDtw71DIvki+X"
Content-Disposition: inline
In-Reply-To: <20240425052943.171357-1-sbrivio@redhat.com>
Message-ID-Hash: ZJFOI7MDNE7PHJS2SGBV5B5KZMIUBQRH
X-Message-ID-Hash: ZJFOI7MDNE7PHJS2SGBV5B5KZMIUBQRH
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/ZiseQH3x59_1xqsi@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/ZJFOI7MDNE7PHJS2SGBV5B5KZMIUBQRH/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--uJ2CDtw71DIvki+X
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Apr 25, 2024 at 07:29:43AM +0200, Stefano Brivio wrote:
> See the comment to the unnamed enum in linux/if_addr.h, which
> currently states:
>=20
>   /*
>    * Important comment:
>    * IFA_ADDRESS is prefix address, rather than local interface address.
>    * It makes no difference for normally configured broadcast interfaces,
>    * but for point-to-point IFA_ADDRESS is DESTINATION address,
>    * local address is supplied in IFA_LOCAL attribute.
>    *
>    * [...]
>    */
>=20
> if we fetch IFA_ADDRESS, and we have a point-to-point link with a peer
> address configured, we'll source the peer address as "our" address,
> and refuse to resolve it in arp().
>=20
> This was reported with pasta and a tun upstream interface configured
> by OpenVPN in "p2p" topology: the target namespace will have similar
> addresses and routes as the host, which is fine, and will try to
> resolve the point-to-point peer address (because it's the default
> gateway).
>=20
> Given that we configure it as our address (only internally, not for
> visibly in the namespace), we'll fail to resolve that and traffic
> doesn't go anywhere.
>=20
> Note that this is not the case for IPv6: there, IFA_ADDRESS is the
> actual, local address of the interface, and IFA_LOCAL is not
> necessarily present, so the comment in linux/if_addr.h doesn't apply
> either.

Huh.  Weird.

> Link: https://github.com/containers/podman/issues/22320
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  netlink.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>=20
> diff --git a/netlink.c b/netlink.c
> index 89c0641..447fea2 100644
> --- a/netlink.c
> +++ b/netlink.c
> @@ -668,7 +668,8 @@ int nl_addr_get(int s, unsigned int ifi, sa_family_t =
af,
> =20
>  		for (rta =3D IFA_RTA(ifa), na =3D IFA_PAYLOAD(nh); RTA_OK(rta, na);
>  		     rta =3D RTA_NEXT(rta, na)) {
> -			if (rta->rta_type !=3D IFA_ADDRESS)
> +			if ((af =3D=3D AF_INET  && rta->rta_type !=3D IFA_LOCAL) ||
> +			    (af =3D=3D AF_INET6 && rta->rta_type !=3D IFA_ADDRESS))
>  				continue;
> =20
>  			if (af =3D=3D AF_INET && ifa->ifa_prefixlen > prefix_max) {

--=20
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

--uJ2CDtw71DIvki+X
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmYrHi8ACgkQzQJF27ox
2Gf+zw//UNkfPqFiMKbTpKwJVEKU56iE0qYLrGQ1uZ6uuhZMssc8ym51UmsKb1Bl
VxsXwr4OASKcptpN+GCWHLNeMxHhMU09agkYF3g3smW6sb5QGi4BFHfRTA+KcjkA
GWM75arxMBIXS1jYmTySkSCIHqwkc9EIZ+ORR65PZwbkMNgS+b7TLXWGXbchRl5V
TjnTGcexeQRJXxrXc30tHQ+3l3UCcU4pMtgo2kLxbYX0chLu7N1HhoB/5WvM9e1W
RXbjfIWIgUcBXIs6mvDdiKPerNNJq4EUa4wYPjprjMrbwY8fQbfS2pi5ZSou9zBo
cG3T7hjxkrdtkhSfg8OHle+iZlfCIFOFvXr3hIT+K0H1uRaj5MCOPg3T0TIXLHrk
52vOs/dqRS1y0nF6XaZxiSw9tgjUokPZ/N+VGthGVIXVBsvEh5guAw73GxOwdP+u
qr28fcyKiykXDFSIRkdh+UhHGpg4fwb0tcoN3Mu4bzevIwUVW5wC5NJniWfSCFeG
sYzgaPlF0MtyjY6FXWgd0y4DU7YPVPvvSqwDEz1fAi3OylwnERSNfqcZEdY+7v6s
Fh+gTzZTFor3eDGCliJav6ktURMHGDd35ElNnwgYqEFlL/G8/aXzQCar9nWMMEno
8Tw29MYcWt4FwbMqz13Vx5q3FXqCGfNeVb1BESO/PmCYfBBX5K0=
=2fHs
-----END PGP SIGNATURE-----

--uJ2CDtw71DIvki+X--