From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202408 header.b=BmHSaGme; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id ACEE85A004C for ; Thu, 26 Sep 2024 05:42:21 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202408; t=1727322125; bh=45YhOMQE0HimRWcg+bYal2n9fq8xfeFazQ98QahYsAA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=BmHSaGmepofIQeadlaKycLRducUbK84FpTKbiiUIYDTyhu6aq9HpvurBFbgBuHPJH cI8bowDW/17j547q9H7R5K8tqNpMyKLhlJ7Lh5VgcXijwqG7IcLJwjQLanSgz96VO0 XGMNLD4GEPu7ruU8J9WErs73yuTpxeVXkzx4ZyOM5Vo7e6NVp2VJxa2YjhXLsm+24Q 5c8J47UOocNITqtWCzCZAXIJIdOzxjIqbmNo/EMs5SgixTkH5oQWxDXzvRuMS6TyVL KXqzfoT/ZgsdO90P3tF+n6QMUTpVbxVQuhaHdeSki33FutUpouFZH8oK3C0Q3VjeFH Ctgn06Fqi1xIQ== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4XDfY90FrNz4xQr; Thu, 26 Sep 2024 13:42:05 +1000 (AEST) Date: Thu, 26 Sep 2024 11:45:37 +1000 From: David Gibson To: Laurent Vivier Subject: Re: [PATCH v2 4/4] tcp: Update TCP checksum using an iovec array Message-ID: References: <20240925081125.205974-1-lvivier@redhat.com> <20240925081125.205974-5-lvivier@redhat.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="cT1lXJMfA8U00PuX" Content-Disposition: inline In-Reply-To: <20240925081125.205974-5-lvivier@redhat.com> Message-ID-Hash: J4H35R6BBIVD3ON4HEVORPO4G2LC5EYW X-Message-ID-Hash: J4H35R6BBIVD3ON4HEVORPO4G2LC5EYW X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --cT1lXJMfA8U00PuX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 25, 2024 at 10:11:25AM +0200, Laurent Vivier wrote: > TCP header and payload are supposed to be in the same buffer, > and tcp_update_check_tcp4()/tcp_update_check_tcp6() compute > the checksum from the base address of the header using the > length of the IP payload. >=20 > In the future (for vhost-user) we need to dispatch the TCP header and > the TCP payload through several buffers. To be able to manage that, we > provide an iovec array that points to the data of the TCP frame. > We provide also an offset to be able to provide an array that contains > the TCP frame embedded in an lower level frame, and this offset points > to the TCP header inside the iovec array. >=20 > Signed-off-by: Laurent Vivier > --- >=20 > Notes: > v2: > - s/payload_offset/l4offset/ > - check memory address of the checksum (alignment, iovec boundaries) >=20 > checksum.c | 1 - > tcp.c | 116 ++++++++++++++++++++++++++++++++++++++++------------- > 2 files changed, 88 insertions(+), 29 deletions(-) >=20 > diff --git a/checksum.c b/checksum.c > index 68ffaddb5bb0..4854c1937c39 100644 > --- a/checksum.c > +++ b/checksum.c > @@ -503,7 +503,6 @@ uint16_t csum(const void *buf, size_t len, uint32_t i= nit) > * > * Return: 16-bit folded, complemented checksum > */ > -/* cppcheck-suppress unusedFunction */ > uint16_t csum_iov(const struct iovec *iov, size_t n, size_t offset, > uint32_t init) > { > diff --git a/tcp.c b/tcp.c > index c9472d905520..f0a6f7a507a7 100644 > --- a/tcp.c > +++ b/tcp.c > @@ -755,36 +755,81 @@ static void tcp_sock_set_bufsize(const struct ctx *= c, int s) > } > =20 > /** > - * tcp_update_check_tcp4() - Update TCP checksum from stored one > - * @iph: IPv4 header > - * @bp: TCP header followed by TCP payload > - */ > -static void tcp_update_check_tcp4(const struct iphdr *iph, > - struct tcp_payload_t *bp) > + * tcp_update_check_tcp4() - Calculate TCP checksum for IPv6 Nit: s/IPv6/IPv4/ > + * @src: IPv4 source address > + * @dst: IPv4 destination address > + * @iov: Pointer to the array of IO vectors > + * @iov_cnt: Length of the array > + * @l4offset: IPv4 payload offset in the iovec array > + */ > +void tcp_update_check_tcp4(struct in_addr src, > + struct in_addr dst, > + const struct iovec *iov, int iov_cnt, > + size_t l4offset) > { > - uint16_t l4len =3D ntohs(iph->tot_len) - sizeof(struct iphdr); > - struct in_addr saddr =3D { .s_addr =3D iph->saddr }; > - struct in_addr daddr =3D { .s_addr =3D iph->daddr }; > - uint32_t sum =3D proto_ipv4_header_psum(l4len, IPPROTO_TCP, saddr, dadd= r); > + size_t check_ofs; > + __sum16 *check; > + int check_idx; > + uint32_t sum; > + > + sum =3D proto_ipv4_header_psum(iov_size(iov, iov_cnt) - l4offset, > + IPPROTO_TCP, src, dst); Previously, we took the size from the IP header, which we'd previously calculated. It seems a shame to replace that with a call to iov_size() which will make another pass through the whole vector. > + > + check_idx =3D iov_skip_bytes(iov, iov_cnt, > + l4offset + offsetof(struct tcphdr, check), > + &check_ofs); > + > + if (check_idx >=3D iov_cnt) > + die("TCP4 buffer is too small"); > + if (check_ofs + sizeof(*check) > iov[check_idx].iov_len) > + die("TCP4 checksum field memory is not contiguous"); > + > + check =3D (__sum16 *)((char *)iov[check_idx].iov_base + check_ofs); Strictly speaking, it's UB to even *create* an improperly aligned pointer, even if you never dereference it. So the alignment check should go before casting to (__sum16 *). > - bp->th.check =3D 0; > - bp->th.check =3D csum(bp, l4len, sum); > + if ((uintptr_t)check & (__alignof__(*check) - 1)) > + die("TCP4 checksum field is not correctly aligned in memory"); I really think it would be worth packaging this logic (skip_bytes + contiguous check + alignment check + pointer cast) into another helper (iov_field()?). I strongly suspect we'll have further use for it down the line. > + > + *check =3D 0; > + *check =3D csum_iov(iov, iov_cnt, l4offset, sum); > } > =20 > /** > * tcp_update_check_tcp6() - Calculate TCP checksum for IPv6 > - * @ip6h: IPv6 header > - * @bp: TCP header followed by TCP payload > - */ > -static void tcp_update_check_tcp6(const struct ipv6hdr *ip6h, > - struct tcp_payload_t *bp) > + * @src: IPv6 source address > + * @dst: IPv6 destination address > + * @iov: Pointer to the array of IO vectors > + * @iov_cnt: Length of the array > + * @l4offset: IPv6 payload offset in the iovec array > + */ > +void tcp_update_check_tcp6(const struct in6_addr *src, > + const struct in6_addr *dst, > + const struct iovec *iov, int iov_cnt, > + size_t l4offset) Same comments as the IPv4 version here apply here too. > { > - uint16_t l4len =3D ntohs(ip6h->payload_len); > - uint32_t sum =3D proto_ipv6_header_psum(l4len, IPPROTO_TCP, > - &ip6h->saddr, &ip6h->daddr); > + size_t check_ofs; > + __sum16 *check; > + int check_idx; > + uint32_t sum; > + > + sum =3D proto_ipv6_header_psum(iov_size(iov, iov_cnt) - l4offset, > + IPPROTO_TCP, src, dst); > + > + check_idx =3D iov_skip_bytes(iov, iov_cnt, > + l4offset + offsetof(struct tcphdr, check), > + &check_ofs); > + > + if (check_idx >=3D iov_cnt) > + die("TCP6 buffer is too small"); Alternatively, you could check the relevant offset against the total size, which you've already calculated. Or indeed, it might make sense to check the total IOV size against the minimum size for a TCP packet somewhere earlier in the call graph. In that case this could become an ASSERT(). > + if (check_ofs + sizeof(*check) > iov[check_idx].iov_len) > + die("TCP6 checksum field memory is not contiguous"); > =20 > - bp->th.check =3D 0; > - bp->th.check =3D csum(bp, l4len, sum); > + check =3D (__sum16 *)((char *)iov[check_idx].iov_base + check_ofs); > + > + if ((uintptr_t)check & (__alignof__(*check) - 1)) > + die("TCP6 checksum field is not correctly aligned in memory"); > + > + *check =3D 0; > + *check =3D csum_iov(iov, iov_cnt, l4offset, sum); > } > =20 > /** > @@ -935,10 +980,18 @@ static size_t tcp_fill_headers4(const struct tcp_ta= p_conn *conn, > =20 > tcp_fill_header(&bp->th, conn, seq); > =20 > - if (no_tcp_csum) > + if (no_tcp_csum) { > bp->th.check =3D 0; > - else > - tcp_update_check_tcp4(iph, bp); > + } else { > + const struct iovec iov =3D { > + .iov_base =3D bp, > + .iov_len =3D ntohs(iph->tot_len) - sizeof(struct iphdr), > + }; > + struct in_addr saddr =3D { .s_addr =3D iph->saddr }; > + struct in_addr daddr =3D { .s_addr =3D iph->daddr }; > + > + tcp_update_check_tcp4(saddr, daddr, &iov, 1, 0); > + } > =20 > tap_hdr_update(taph, l3len + sizeof(struct ethhdr)); > =20 > @@ -980,10 +1033,17 @@ static size_t tcp_fill_headers6(const struct tcp_t= ap_conn *conn, > =20 > tcp_fill_header(&bp->th, conn, seq); > =20 > - if (no_tcp_csum) > + if (no_tcp_csum) { > bp->th.check =3D 0; > - else > - tcp_update_check_tcp6(ip6h, bp); > + } else { > + const struct iovec iov =3D { > + .iov_base =3D bp, > + .iov_len =3D ntohs(ip6h->payload_len) > + }; > + > + tcp_update_check_tcp6(&ip6h->saddr, &ip6h->daddr, > + &iov, 1, 0); > + } > =20 > tap_hdr_update(taph, l4len + sizeof(*ip6h) + sizeof(struct ethhdr)); > =20 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --cT1lXJMfA8U00PuX Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmb0vMAACgkQzQJF27ox 2GfKAw//Wesz+6IQmL5/8/OmhCR/U+XSK+CFEZZC1PK6z1j27+8ZZC1XdqUqh6Pe jbdO+WZzsqGJkNM9zuxN5r9iTLqOdHK7F9MOeMzKSO0G/rLNsWtC65ufP5XGG4t+ yDMx3ysnGE8MQmd41auA4mffkDqPybtA8gHzSh46EGi1eYmP6BL53TUapymVpJK9 RhKB1vxFuYg5zkEFtduh8AcskpejvQQpiTwJfqaqtt/jjBek56p62lizDS5O8LEC BnfZ0NvPMdLk3pOkxtDS0nYVcKTJrCe6lZL+myS+FkASPfPas+cVHApzWN9KFDs+ vei0DVN610iWbznmr2+AZgC8PA9am/uziLYFBgQH76enQvW1o2oIK+408RMdmBFi q0FWbH7+BNcys/yEP8zEkqoBvmzXCFRFVOuzZTVUqCYQF+4/vKbbTYdQoasLkA2R inPwr/kHv3Y6ijcuivqUAB1Gg4LDlVdps8xMUCQuZxiV1YDIwAExJzueI5BlmAbN bC4DH+L5ZaRJuLBO1NWX/I5A68XyOAmaSRXGPlYfAzyckjl1PiSkWokzmXUZxEVa kdpn21wnL2oNOo3YuzzcGv9gNg+l33eMOxSSKy9sbnb8Rx2rA2CgD+3bLTgbEgcm DzWq2LB4oUgFL1SKEVfgK+D/odV739tDbUJJ9WscBCxZNvOWqpo= =dazF -----END PGP SIGNATURE----- --cT1lXJMfA8U00PuX--