diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2022-11-30 15:13:08 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2022-12-06 07:41:40 +0100 |
commit | 27bfebb0619d0b9c706bf235d4de935f9833110c (patch) | |
tree | b18cfcacba13c404d8b3e2e72010338f54d3e0b4 | |
parent | c277c6dd7d90e6f83284ecf60b94c4693dd89322 (diff) | |
download | passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.gz passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.bz2 passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.lz passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.xz passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.zst passt-27bfebb0619d0b9c706bf235d4de935f9833110c.zip |
udp: Re-use fixed bound sockets for packet forwarding when possible
When we look up udp_splice_to_ns[v6][src].target_sock in
udp_sock_handler_splice, all we really require of the socket is that it
be bound to port src in the pasta guest namespace. Similarly for
udp_splice_to_init but bound in the init namespace.
Usually these sockets are created temporarily by udp_splice_connect() and
cleaned up by udp_timer(). However, depending on the -u and -U options its
possible we have a permanent socket bound to the relevant port created by
udp_sock_init(). If such a socket exists, we could use it instead of
creating a temporary one. In fact we *must* use it, because we'll fail
trying to bind() a temporary one to the same port.
So allow this, store permanently bound sockets into udp_splice_to_{ns,init}
in udp_sock_init(). These won't get incorrectly removed by the timer
because we don't put a corresponding entry in the udp_act[] structure
which directs the timer what to clean up.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r-- | udp.c | 22 |
1 files changed, 13 insertions, 9 deletions
@@ -153,7 +153,7 @@ struct udp_splice_flow { /* Port tracking, arrays indexed by packet source port (host order) */ static struct udp_tap_port udp_tap_map [IP_VERSIONS][NUM_PORTS]; -/* Spliced "connections" indexed by originating source port (host order) */ +/* Spliced "connections" indexed by bound port of target_sock (host order) */ static struct udp_splice_flow udp_splice_to_ns [IP_VERSIONS][NUM_PORTS]; static struct udp_splice_flow udp_splice_to_init[IP_VERSIONS][NUM_PORTS]; @@ -1095,16 +1095,18 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af, bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) }; uref.udp.splice = uref.udp.orig = true; - sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname, - port, uref.u32); + s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, + ifname, port, uref.u32); + udp_splice_to_init[V4][port].target_sock = s; } } else { uref.udp.splice = uref.udp.orig = uref.udp.ns = true; bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) }; - sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname, - port, uref.u32); + s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, + ifname, port, uref.u32); + udp_splice_to_ns[V4][port].target_sock = s; } } @@ -1127,15 +1129,17 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af, bind_addr = &in6addr_loopback; uref.udp.splice = uref.udp.orig = true; - sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname, - port, uref.u32); + s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, + ifname, port, uref.u32); + udp_splice_to_init[V6][port].target_sock = s; } } else { bind_addr = &in6addr_loopback; uref.udp.splice = uref.udp.orig = uref.udp.ns = true; - sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname, - port, uref.u32); + s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, + ifname, port, uref.u32); + udp_splice_to_ns[V6][port].target_sock = s; } } } |