From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202510 header.b=R9QGWetX;
	dkim-atps=neutral
Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id DEAE95A061C
	for <passt-dev@passt.top>; Tue, 14 Oct 2025 07:04:56 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202510; t=1760418288;
	bh=96NuM5YYLy/Cj+BnrobfjVh2EyDWipYGjbh4u14awF4=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=R9QGWetXrSWh8nbXpeFG7yLyViQUhtPe8BU3A2goFR4NnHwLM/6rK+tfl9WlDhnnM
	 EalD9uj3CydKrRVmnWo5AXtffWv2VSthilBrwAT1jKJHY/QQdeqCA7/HDq0WMi1Kc2
	 1s5rjC/bSawsfwSZqlNHrKeHyrw1zSO3q74hfo82Q9RIOJ9DPy5/MyZAxOIW/e0Akv
	 zF9TX1Fyoz+rKk3US14TV4O5ObEzWBQEKFKb8Sd9BOVQiN1abJ+gj1eVwmloBCNR/H
	 ttfytnPKyoE3dhnc+CzEtPTYPz0IhOmIMNtj+GXWjbEqiR9BponjBmXwqHL1YDzCJR
	 XzRkOMfsQhs7w==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4cm2Fr1bv6z4wCn; Tue, 14 Oct 2025 16:04:48 +1100 (AEDT)
Date: Tue, 14 Oct 2025 16:02:43 +1100
From: David Gibson <david@gibson.dropbear.id.au>
To: Jon Maloy <jmaloy@redhat.com>
Subject: Re: [PATCH v13 06/10] flow: add MAC address of LAN local remote
 hosts to flow
Message-ID: <aO3Zc3dzqEDFmIDT@zatzit>
References: <20251012193337.616835-1-jmaloy@redhat.com>
 <20251012193337.616835-7-jmaloy@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="ADzIdQ3dc4SenmsT"
Content-Disposition: inline
In-Reply-To: <20251012193337.616835-7-jmaloy@redhat.com>
Message-ID-Hash: KDUYS447SLYIICUOLLSA7A5DCOE37KDF
X-Message-ID-Hash: KDUYS447SLYIICUOLLSA7A5DCOE37KDF
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: sbrivio@redhat.com, dgibson@redhat.com, passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/aO3Zc3dzqEDFmIDT@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/KDUYS447SLYIICUOLLSA7A5DCOE37KDF/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--ADzIdQ3dc4SenmsT
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Oct 12, 2025 at 03:33:33PM -0400, Jon Maloy wrote:
> When communicating with remote hosts on the local network, some guest
> applications want to see the real MAC address of that host instead
> of PASST/PASTA's own tap address. The flow_common structure is a
> convenient location for storing that address, so we do that in this
> commit.
>=20
> Note that we don=B4t add actual usage of this address here, that will
> be done in later commits.
>=20
> Signed-off-by: Jon Maloy <jmaloy@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

>=20
> ---
> v3: - Moved the remote host macaddress from struct flowside to
>       struct flow_common. I chose to call it 'omac' as suggested
>       by David, although in my understanding the correct name would be
>       'emac'. (In general I find the address naming scheme confusing.)
>     - Adapted to new signature of function nl_mac_get(), now passing
>       it the index of the template interface.
> v4: - Renamed flow_commeon->omac to flow_common->tap_omac to make is
>       role in the code clearer
> v5: - Modified the criteria for ARP/NDP table lookup like in the
>       previous commits.
>     - Removed the PIF_TAP lookup case, as David suggested, and did
>       instead give the flow->tap_omac field a value marking it as
>       non-initialized.
>     - Calling the cache table instead of netlink for ARP/NDP lookup.
>     - Unconditionally using the potentially translated IP address
>       in the lookup, instead of only if NAT really was applied.
> v6: - Using MAC_ZERO instead of own definitions
> v12:- Using MAC_UNDEF (=3D=3Dff:ff:ff:ff:ff:ff) instead of MAC_ZERO,
>       which is a legal MAC address.
> v13: - Removed call to nat_outbound() before MAC resolution, as
>        we are now handling guest-side visible addresses only.
>      - Using tgt->oaddr instead of ini->eaddr as lookup key
>        for fwd_neigh_mac_get(), for the same reason as above.
> ---
>  flow.c | 2 ++
>  flow.h | 2 ++
>  util.h | 2 ++
>  3 files changed, 6 insertions(+)
>=20
> diff --git a/flow.c b/flow.c
> index feefda3..a57d7b9 100644
> --- a/flow.c
> +++ b/flow.c
> @@ -449,6 +449,7 @@ struct flowside *flow_target(const struct ctx *c, uni=
on flow *flow,
> =20
>  	switch (f->pif[INISIDE]) {
>  	case PIF_TAP:
> +		memcpy(f->tap_omac, MAC_UNDEF, ETH_ALEN);
>  		tgtpif =3D fwd_nat_from_tap(c, proto, ini, tgt);
>  		break;
> =20
> @@ -458,6 +459,7 @@ struct flowside *flow_target(const struct ctx *c, uni=
on flow *flow,
> =20
>  	case PIF_HOST:
>  		tgtpif =3D fwd_nat_from_host(c, proto, ini, tgt);
> +		fwd_neigh_mac_get(c, &tgt->oaddr, f->tap_omac);
>  		break;
> =20
>  	default:
> diff --git a/flow.h b/flow.h
> index cac618a..f342895 100644
> --- a/flow.h
> +++ b/flow.h
> @@ -177,6 +177,7 @@ int flowside_connect(const struct ctx *c, int s,
>   * @type:	Type of packet flow
>   * @pif[]:	Interface for each side of the flow
>   * @side[]:	Information for each side of the flow
> + * @tap_omac: MAC address of remote endpoint as seen from the guest
>   */
>  struct flow_common {
>  #ifdef __GNUC__
> @@ -192,6 +193,7 @@ struct flow_common {
>  #endif
>  	uint8_t		pif[SIDES];
>  	struct flowside	side[SIDES];
> +	uint8_t		tap_omac[6];
>  };
> =20
>  #define FLOW_INDEX_BITS		17	/* 128k - 1 */
> diff --git a/util.h b/util.h
> index 22eaac5..6fc8f5d 100644
> --- a/util.h
> +++ b/util.h
> @@ -101,6 +101,8 @@ void abort_with_msg(const char *fmt, ...)
>  	((uint8_t [ETH_ALEN]){ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff })
>  #define MAC_ZERO		((uint8_t [ETH_ALEN]){ 0 })
>  #define MAC_IS_ZERO(addr)	(!memcmp((addr), MAC_ZERO, ETH_ALEN))
> +#define MAC_UNDEF		MAC_BROADCAST
> +#define MAC_IS_UNDEF(addr)	(!memcmp((addr), MAC_UNDEF, ETH_ALEN))
> =20
>  #ifndef __bswap_constant_16
>  #define __bswap_constant_16(x)						\
> --=20
> 2.50.1
>=20

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--ADzIdQ3dc4SenmsT
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmjt2XIACgkQzQJF27ox
2GfFjQ//aQDX8SINlQ6J+iHtWEDBw+FoW3XUG9Lb/pNGqL29ZCwpW9tGdbYaadyh
Luk5e2i5LljorGTTdO82XcG0vEZt40oteap57YqPyzV9YWugvTctUPO7vnjCbunr
crzkS42mNWT06tIP0tIdZoLIMt3zVE9tnGYMTdtdJLEVwcpOVgTDmI+ZR8K8b9tn
XX0hVPWT0eo3GmWbGVQMgZ5ZAe9gsm4RbkHJetkATl/1fE2nb4m+jamdBNu8/cG1
d013a3klMZkkH6SVndVxuP+Z/RrQgeqPRSswhUshYXhBoafO2dfyV/T6hq1ZfYuL
w7WjUj/9c4Mzuatd8NAeCF9HSaXB1q4+LWHVwlDmE+iNpz9kJetgBl8M1YLgPuVM
A+9RM+bEFnRhDc15M/sEboVmg/c5ROYlpIXMqEaF5zB/PxBAt5+AI1dM4+osJVo0
kRj6ZM24VcPY71CMqPDxuh8TYjAizFKhuJdOgnCl1E8iQT+qdJ5GlIrgy+ylbSfV
2gef6m8kX+5QEB6OSB7MCIHIv4flQly4qPbxBh2aZw1ThLeDI1pn0VmO0OC328ix
8GDpYOWt3CRAbb+yOlkOwIjjl9rX/9tjVh4xV0Gitj3uE74FZq6cfV67nX/V/EAg
d6FWpraR5z+sBIr0eBYmRdHTWWwztbHISRBYWf1LG1a//swN0jo=
=jns5
-----END PGP SIGNATURE-----

--ADzIdQ3dc4SenmsT--