From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202508 header.b=Zlkna1KH;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 122725A027B
	for <passt-dev@passt.top>; Mon, 08 Sep 2025 05:09:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202508; t=1757300974;
	bh=ATLtmkBv3sRRFzmJd3p5rKEhYr666cqWubx1wAR2az4=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=Zlkna1KHCkiLCnPg7jdt9pF2AeulTYN0K/fPwnqvWXSPYlZmMaja9R1U7zuFuRBe1
	 LduApjps/9zNbZiaMcgZxhi5OC3mjANE4UoHGC3vg23ByGJHeH/OaFFMuN2B2ny/p4
	 ZyZRNmTxwtsY8C7P7kb7+xXCznlfX/QuXljJdMPczbeXI3yXlfIgMm5f1n1eCaVD6c
	 SSUNpO5N9ZaqNiWwC2plLUGYFJlcZ5HPnBl834O1BSNyFWz0jE99qjS+612TIssbku
	 vEbV8Ld0w1CngkiCpckaTzBGgcKpF9LO+WWuDKsVneF5H5k9Po+QLWvslGuqfXnDiH
	 v45H57CMltv9Q==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4cKsPV5SQ1z4wBJ; Mon,  8 Sep 2025 13:09:34 +1000 (AEST)
Date: Mon, 8 Sep 2025 13:07:27 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: Jon Maloy <jmaloy@redhat.com>
Subject: Re: [PATCH v5 05/10] flow: add MAC address of LAN local remote hosts
 to flow
Message-ID: <aL5Ibzu26BxKl8Tx@zatzit>
References: <20250906021154.2760611-1-jmaloy@redhat.com>
 <20250906021154.2760611-6-jmaloy@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="9LE/krqtQ4PNDSOH"
Content-Disposition: inline
In-Reply-To: <20250906021154.2760611-6-jmaloy@redhat.com>
Message-ID-Hash: 2ZQDGDAFLTDPEVCZ4KOED7FQMGIKSME3
X-Message-ID-Hash: 2ZQDGDAFLTDPEVCZ4KOED7FQMGIKSME3
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: sbrivio@redhat.com, dgibson@redhat.com, passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/aL5Ibzu26BxKl8Tx@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/2ZQDGDAFLTDPEVCZ4KOED7FQMGIKSME3/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--9LE/krqtQ4PNDSOH
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Sep 05, 2025 at 10:11:49PM -0400, Jon Maloy wrote:
> When communicating with remote hosts on the local network, some guest
> applications want to see the real MAC address of that host instead
> of PASST/PASTA's own tap address. The flow_common structure is a
> convenient location for storing that address, so we do that in this
> commit.
>=20
> Note that we don=B4t add actual usage of this address here, that will
> be done in later commits.
>=20
> Signed-off-by: Jon Maloy <jmaloy@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

>=20
> ---
> v3: - Moved the remote host macaddress from struct flowside to
>       struct flow_common. I chose to call it 'omac' as suggested
>       by David, although in my understanding the correct name would be
>       'emac'. (In general I find the address naming scheme confusing.)
>     - Adapted to new signature of function nl_mac_get(), now passing
>       it the index of the template interface.
> v4: - Renamed flow_commeon->omac to flow_common->tap_omac to make is
>       role in the code clearer
> v5: - Modified the criteria for ARP/NDP table lookup like in the
>       previous commits.
>     - Removed the PIF_TAP lookup case, as David suggested, and did
>       instead give the flow->tap_omac field a value marking it as
>       non-initialized.
>     - Calling the cache table instead of netlink for ARP/NDP lookup.
>     - Unconditionally using the potentially translated IP address
>       in the lookup, instead of only if NAT really was applied.

Although it looks like that last point belongs on a different patch.

> ---
>  flow.c | 2 ++
>  flow.h | 2 ++
>  2 files changed, 4 insertions(+)
>=20
> diff --git a/flow.c b/flow.c
> index feefda3..afef916 100644
> --- a/flow.c
> +++ b/flow.c
> @@ -449,6 +449,7 @@ struct flowside *flow_target(const struct ctx *c, uni=
on flow *flow,
> =20
>  	switch (f->pif[INISIDE]) {
>  	case PIF_TAP:
> +		memcpy(f->tap_omac, undefined_mac, sizeof(f->tap_omac));
>  		tgtpif =3D fwd_nat_from_tap(c, proto, ini, tgt);
>  		break;
> =20
> @@ -458,6 +459,7 @@ struct flowside *flow_target(const struct ctx *c, uni=
on flow *flow,
> =20
>  	case PIF_HOST:
>  		tgtpif =3D fwd_nat_from_host(c, proto, ini, tgt);
> +		fwd_neigh_mac_get(c, &ini->eaddr, f->tap_omac);
>  		break;
> =20
>  	default:
> diff --git a/flow.h b/flow.h
> index cac618a..f342895 100644
> --- a/flow.h
> +++ b/flow.h
> @@ -177,6 +177,7 @@ int flowside_connect(const struct ctx *c, int s,
>   * @type:	Type of packet flow
>   * @pif[]:	Interface for each side of the flow
>   * @side[]:	Information for each side of the flow
> + * @tap_omac: MAC address of remote endpoint as seen from the guest
>   */
>  struct flow_common {
>  #ifdef __GNUC__
> @@ -192,6 +193,7 @@ struct flow_common {
>  #endif
>  	uint8_t		pif[SIDES];
>  	struct flowside	side[SIDES];
> +	uint8_t		tap_omac[6];
>  };
> =20
>  #define FLOW_INDEX_BITS		17	/* 128k - 1 */
> --=20
> 2.50.1
>=20

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--9LE/krqtQ4PNDSOH
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmi+SG4ACgkQzQJF27ox
2Gfarw/+LccGiaJaZd3ixWoiUJPbHuZ5iEY1lSJ+tMpdxECyuTBrrm4JZPTsni5K
Y/V6EdYXuLe0vhkdUfiDWC2u9cWL0/CyYoJyZ0m2Cv6CXj/TwKjY+l7qdVJpdx7w
E8TtMn4tLSHiEIW9vsnN+EkZOenxBSlvaaNqYu365QMRjLs4grJeZsxMytWHaQnF
QR11VvXLLa2xtSxwmIuH9n0t9EWGQIyt2CdiSeRvccqLwj1DGec1iYt3IM0UnVi6
BdJ2M0FYJH6MGIc1DibM+CtuUbf8ybqfXyyj7QV+pO1+jy6w5fDRUWMaJCdzNsig
9cBlGsMuPgH9iXlyooj+7yZdE3GopPYqcgNrq9LiosaYjSfk1KIUF1ee99IPZl8e
TBgqbe6b1XISMMQvecMbJFN7aQvE5trvsBNV2j2fY312c0fV/6NTqEYGHO2wuCrs
0EVdaDAqhhjTwAsMxNsTDIYdHJGKE4gBIF7y3pxSoYgtRtdlLMfLJG+4EW+PWBls
Wl7Gp18k0Dotb4zY9nHXPqr94OplqpCF86ULMFfoX0uMbFiiq4fQWFhwIX/eANLY
lXFkvY7OZZVmAjLjyji0mK3VMMcAErfc9/OYIwvNqoRUdxW6IQKpQGbTkYpdSQ/6
iUJndwxux7rMIfjQ5XJqIkC/6WoZgN2RbKWVzjLWwiNRJZvgpMk=
=9K+E
-----END PGP SIGNATURE-----

--9LE/krqtQ4PNDSOH--