aboutgitcodebugslistschat
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2022-11-30 15:13:08 +1100
committerStefano Brivio <sbrivio@redhat.com>2022-12-06 07:41:40 +0100
commit27bfebb0619d0b9c706bf235d4de935f9833110c (patch)
treeb18cfcacba13c404d8b3e2e72010338f54d3e0b4
parentc277c6dd7d90e6f83284ecf60b94c4693dd89322 (diff)
downloadpasst-27bfebb0619d0b9c706bf235d4de935f9833110c.tar
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.gz
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.bz2
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.lz
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.xz
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.tar.zst
passt-27bfebb0619d0b9c706bf235d4de935f9833110c.zip
udp: Re-use fixed bound sockets for packet forwarding when possible
When we look up udp_splice_to_ns[v6][src].target_sock in udp_sock_handler_splice, all we really require of the socket is that it be bound to port src in the pasta guest namespace. Similarly for udp_splice_to_init but bound in the init namespace. Usually these sockets are created temporarily by udp_splice_connect() and cleaned up by udp_timer(). However, depending on the -u and -U options its possible we have a permanent socket bound to the relevant port created by udp_sock_init(). If such a socket exists, we could use it instead of creating a temporary one. In fact we *must* use it, because we'll fail trying to bind() a temporary one to the same port. So allow this, store permanently bound sockets into udp_splice_to_{ns,init} in udp_sock_init(). These won't get incorrectly removed by the timer because we don't put a corresponding entry in the udp_act[] structure which directs the timer what to clean up. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--udp.c22
1 files changed, 13 insertions, 9 deletions
diff --git a/udp.c b/udp.c
index 3fa74a1..4954a7c 100644
--- a/udp.c
+++ b/udp.c
@@ -153,7 +153,7 @@ struct udp_splice_flow {
/* Port tracking, arrays indexed by packet source port (host order) */
static struct udp_tap_port udp_tap_map [IP_VERSIONS][NUM_PORTS];
-/* Spliced "connections" indexed by originating source port (host order) */
+/* Spliced "connections" indexed by bound port of target_sock (host order) */
static struct udp_splice_flow udp_splice_to_ns [IP_VERSIONS][NUM_PORTS];
static struct udp_splice_flow udp_splice_to_init[IP_VERSIONS][NUM_PORTS];
@@ -1095,16 +1095,18 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
uref.udp.splice = uref.udp.orig = true;
- sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
- port, uref.u32);
+ s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+ ifname, port, uref.u32);
+ udp_splice_to_init[V4][port].target_sock = s;
}
} else {
uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
bind_addr = &(uint32_t){ htonl(INADDR_LOOPBACK) };
- sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr, ifname,
- port, uref.u32);
+ s = sock_l4(c, AF_INET, IPPROTO_UDP, bind_addr,
+ ifname, port, uref.u32);
+ udp_splice_to_ns[V4][port].target_sock = s;
}
}
@@ -1127,15 +1129,17 @@ void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
bind_addr = &in6addr_loopback;
uref.udp.splice = uref.udp.orig = true;
- sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
- port, uref.u32);
+ s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+ ifname, port, uref.u32);
+ udp_splice_to_init[V6][port].target_sock = s;
}
} else {
bind_addr = &in6addr_loopback;
uref.udp.splice = uref.udp.orig = uref.udp.ns = true;
- sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr, ifname,
- port, uref.u32);
+ s = sock_l4(c, AF_INET6, IPPROTO_UDP, bind_addr,
+ ifname, port, uref.u32);
+ udp_splice_to_ns[V6][port].target_sock = s;
}
}
}