From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202602 header.b=FillmbGd; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id F1E845A0269 for ; Wed, 25 Mar 2026 05:44:27 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202602; t=1774413865; bh=+uULy0GO7fxApco0t8Mespc//oIOESfR6YLYwCIqtlE=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=FillmbGdlDd0cD0oYKcLYq2bkDx2WRdXfCXY/c0jYSZ+zdaGVzfWN/WnwET79sAbs /HK2ITBTZb2xPkgKSD9NISGd69IxpWJjxsO90qi9pF+QFYvWnsLwIvyrt0A+WIPsuA TZZJgAQoup2Y4tRAY6oIMDD8gDH3oysafBl3SRHNhuepBcviIt+hw1xZLwKzU5IJPk Lz3h85uB+DZxEcCzcyGzlcxNPmL/cdZrXeOLeDhv/gDjsToaFQwwF3uKnREm4Zh9Iz PP3HqrnejPCaO7HX99dpTixwaiue54je22P6UzqEJx3kFIN/5lQ8sNSisAKpvjJVg4 noH1Iy2E4/ogQ== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4fgZ7Y27z5z4wHX; Wed, 25 Mar 2026 15:44:25 +1100 (AEDT) Date: Wed, 25 Mar 2026 15:04:39 +1100 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH v3 07/25] fwd: Store forwarding tables indexed by (origin) pif Message-ID: References: <20260323073732.3158468-1-david@gibson.dropbear.id.au> <20260323073732.3158468-8-david@gibson.dropbear.id.au> <20260325015423.4c217023@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="KqDNo+fF9XM+Mk2R" Content-Disposition: inline In-Reply-To: <20260325015423.4c217023@elisabeth> Message-ID-Hash: YH7472EEJJG7POLVZCSY4LSFZ42O66T5 X-Message-ID-Hash: YH7472EEJJG7POLVZCSY4LSFZ42O66T5 X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --KqDNo+fF9XM+Mk2R Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 25, 2026 at 01:54:24AM +0100, Stefano Brivio wrote: > On Mon, 23 Mar 2026 18:37:14 +1100 > David Gibson wrote: >=20 > > Currently we store the inbound (PIF_HOST) and outbound (PIF_SPLICE) > > forwarding tables in separate fields of struct ctx. In a number of pla= ces > > this requires somewhat awkward if or switch constructs to select the > > right table for updates. Conceptually simplify that by using an index = of > > forwarding tables by pif, which as a bonus keeps track generically which > > pifs have implemented forwarding tables so far. > >=20 > > For now this doesn't simplify a lot textually, because many places that > > need this also have other special cases to apply by pif. It does simpl= ify > > a few crucial places though, and we expect it will become more useful as > > the flexibility of the forwarding table is improved. > >=20 > > Signed-off-by: David Gibson [snip] > /home/sbrivio/passt/flow.c:508:2: > 1. assign_zero: Assigning: "rule" =3D "NULL". > /home/sbrivio/passt/flow.c:511:2: > 2. path: Condition "flow_new_entry =3D=3D flow", taking true branch. > /home/sbrivio/passt/flow.c:511:2: > 3. path: Condition "f->state =3D=3D FLOW_STATE_INI", taking true branch. > /home/sbrivio/passt/flow.c:512:2: > 4. path: Condition "f->type =3D=3D FLOW_TYPE_NONE", taking true branch. > /home/sbrivio/passt/flow.c:513:2: > 5. path: Condition "f->pif[0] !=3D PIF_NONE", taking true branch. > /home/sbrivio/passt/flow.c:513:2: > 6. path: Condition "f->pif[1] =3D=3D PIF_NONE", taking true branch. > /home/sbrivio/passt/flow.c:514:2: > 7. path: Condition "flow->f.state =3D=3D FLOW_STATE_INI", taking true b= ranch. > /home/sbrivio/passt/flow.c:516:2: > 8. path: Condition "fwd", taking false branch. > /home/sbrivio/passt/flow.c:521:2: > 9. path: Switch case value "PIF_SPLICE". > /home/sbrivio/passt/flow.c:528:3: > 10. var_deref_model: Passing null pointer "rule" to "fwd_nat_from_splic= e", which dereferences it. > /home/sbrivio/passt/fwd.c:1095:2: > 10.1. path: Condition "!inany_is_loopback(&ini->eaddr)", taking false b= ranch. > /home/sbrivio/passt/fwd.c:1095:2: > 10.2. path: Condition "!inany_is_loopback(&ini->oaddr)", taking false b= ranch. > /home/sbrivio/passt/fwd.c:1112:2: > 10.3. path: Condition "proto =3D=3D IPPROTO_UDP", taking true branch. > /home/sbrivio/passt/fwd.c:1116:2: > 10.4. dereference: Dereferencing pointer "rule". >=20 > > tgtpif =3D fwd_nat_from_splice(rule, proto, ini, tgt); > > break; > > =20 > > case PIF_HOST: > > - fwd =3D &c->fwd_in; > > - > > - if (!(rule =3D fwd_rule_search(fwd, ini, proto, rule_hint))) > > - goto norule; > > - >=20 > ...and not this either: >=20 > /home/sbrivio/passt/flow.c:532:3: > Type: Explicit null dereferenced (FORWARD_NULL) >=20 > /home/sbrivio/passt/flow.c:508:2: > 1. assign_zero: Assigning: "rule" =3D "NULL". > /home/sbrivio/passt/flow.c:511:2: > 2. path: Condition "flow_new_entry =3D=3D flow", taking true branch. > /home/sbrivio/passt/flow.c:511:2: > 3. path: Condition "f->state =3D=3D FLOW_STATE_INI", taking true branch. > /home/sbrivio/passt/flow.c:512:2: > 4. path: Condition "f->type =3D=3D FLOW_TYPE_NONE", taking true branch. > /home/sbrivio/passt/flow.c:513:2: > 5. path: Condition "f->pif[0] !=3D PIF_NONE", taking true branch. > /home/sbrivio/passt/flow.c:513:2: > 6. path: Condition "f->pif[1] =3D=3D PIF_NONE", taking true branch. > /home/sbrivio/passt/flow.c:514:2: > 7. path: Condition "flow->f.state =3D=3D FLOW_STATE_INI", taking true b= ranch. > /home/sbrivio/passt/flow.c:516:2: > 8. path: Condition "fwd", taking false branch. > /home/sbrivio/passt/flow.c:521:2: > 9. path: Switch case value "PIF_HOST". > /home/sbrivio/passt/flow.c:532:3: > 10. var_deref_model: Passing null pointer "rule" to "fwd_nat_from_host"= , which dereferences it. > /home/sbrivio/passt/fwd.c:1173:2: > 10.1. dereference: Dereferencing pointer "rule". >=20 > I haven't checked why. >=20 > > tgtpif =3D fwd_nat_from_host(c, rule, proto, ini, tgt); > > fwd_neigh_mac_get(c, &tgt->oaddr, f->tap_omac); > > break; Oops. That's because we're relying on the fact that we _do_ have populated tables for HOST and SPLICE. That's constructed a very long way away, so of course coverity can't figure that out. I've fixed it with assert()s for now, and those should go away if/when we implement forwarding tables for TAP. --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --KqDNo+fF9XM+Mk2R Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmnDXtMACgkQzQJF27ox 2Gd+dxAAkWUq3niAeXA05eVR2VmaECGG5ncNzGAtAUKkk/JNO/fcLO13hnPtGJVA F32/QMXcg1qkw2AlYmuVrVTBakTkTXEY7Ej270Ok6QB01S64CRRL9xOoO2v0qJ/t AYdhyAMxh6+EMT+IgvzHpKTscWRuzz+Oi3/MXjAbXLNMlBR2ZFkhCRtnEORIdlP7 FDEBy3jlGrA9SoykUPabicSTjZS6pNjwpSKBKpCIFp24uYEKoF/OtvhkAPaot+ib QcG1FcdF2uNKbTgyLdeaIb+d+hXQzuaaVcUil8xkfH9wzICQ2CgssSsW7JVTppV1 zKATEBFkiK7Rd4v21EwVvpGdyrMlAph/usIzZQBewcd8+Jwx/CJd7vvCVQh7+oyY hwXGR4HC12U86HpRKB3vEIgfhp7aaLCEYHfLnr/MJMaIzvbTdudv7trVstxkypNz 8rnlEq5ccffH1rzUpwqKhvJkh+NsNaBCao62zlmLOsr0ykSrUEdxUgWOBFsu+cKB 3TkYBcUdiFJ3zgjLGKqhIf0Yfpxahldp3s/lbK9wezDMh+pSzIPcEiReCONF2zwk buR6ZkHxqV3QT8RxoR87UOcdX8HwxInD6pH0iq4zwvS1U8omPgKkSXxmmD94EsF9 yBl8xCDXrklr5AVaR9GRVr9axuoikUpPGR6q5gsXdsvcQLV+Fwk= =wNmI -----END PGP SIGNATURE----- --KqDNo+fF9XM+Mk2R--