author | David Gibson <david@gibson.dropbear.id.au> | 2023-11-03 13:23:00 +1100 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2023-11-07 09:53:24 +0100 |
commit | 180dbc957aa5f49f03ab04b65f826e32763ab5cd (patch) | |
tree | 611376252fe32e9dd38ebd5a912ac273abd0c5c6 /port_fwd.c | |
parent | 5a0485425bc9d43bc5228fe1b8b6286be83d3d1e (diff) | |
port_fwd: Don't NS_CALL get_bound_ports()
When we want to scan for bound ports in the namespace we use NS_CALL() to
run get_bound_ports() in the namespace. However, the only thing it
actually needed to be in the namespace for was to open the /proc/net file
it was scanning. Since we now always pre-open those, we no longer need
to switch to the namespace for the actual get_bound_ports() calls.
That in turn means that tcp_port_detect() doesn't need to run in the ns
either, and we can just replace it with inline calls to get_bound_ports().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'port_fwd.c')
-rw-r--r-- | port_fwd.c | 37 |
1 files changed, 2 insertions, 35 deletions
@@ -110,42 +110,11 @@ void get_bound_ports(struct ctx *c, int ns, uint8_t proto)
 }
 /**
- * struct get_bound_ports_ns_arg - Arguments for get_bound_ports_ns()
- * @c: Execution context
- * @proto: Protocol number (IPPROTO_TCP or IPPROTO_UDP)
- */
-struct get_bound_ports_ns_arg {
- struct ctx *c;
- uint8_t proto;
-};
-
-/**
- * get_bound_ports_ns() - Get maps of ports in namespace with bound sockets
- * @arg: See struct get_bound_ports_ns_arg
- *
- * Return: 0
- */
-static int get_bound_ports_ns(void *arg)
-{
- struct get_bound_ports_ns_arg *a = (struct get_bound_ports_ns_arg *)arg;
- struct ctx *c = a->c;
-
- if (!c->pasta_netns_fd)
- return 0;
-
- ns_enter(c);
- get_bound_ports(c, 1, a->proto);
-
- return 0;
-}
-
-/**
 * port_fwd_init() - Initial setup for port forwarding
 * @c: Execution context
 */
 void port_fwd_init(struct ctx *c)
 {
- struct get_bound_ports_ns_arg ns_ports_arg = { .c = c };
 const int flags = O_RDONLY | O_CLOEXEC;
 c->proc_net_tcp[V4][0] = c->proc_net_tcp[V4][1] = -1;
@@ -156,14 +125,12 @@ void port_fwd_init(struct ctx *c)
 if (c->tcp.fwd_in.mode == FWD_AUTO) {
 c->proc_net_tcp[V4][1] = open_in_ns(c, "/proc/net/tcp", flags);
 c->proc_net_tcp[V6][1] = open_in_ns(c, "/proc/net/tcp6", flags);
- ns_ports_arg.proto = IPPROTO_TCP;
- NS_CALL(get_bound_ports_ns, &ns_ports_arg);
+ get_bound_ports(c, 1, IPPROTO_TCP);
 }
 if (c->udp.fwd_in.f.mode == FWD_AUTO) {
 c->proc_net_udp[V4][1] = open_in_ns(c, "/proc/net/udp", flags);
 c->proc_net_udp[V6][1] = open_in_ns(c, "/proc/net/udp6", flags);
- ns_ports_arg.proto = IPPROTO_UDP;
- NS_CALL(get_bound_ports_ns, &ns_ports_arg);
+ get_bound_ports(c, 1, IPPROTO_UDP);
 }
 if (c->tcp.fwd_out.mode == FWD_AUTO) {
 c->proc_net_tcp[V4][0] = open("/proc/net/tcp", flags); |
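Review bot: The two added `get_bound_ports(c, 1, ...)` calls in the second hunk run straight after the `open_in_ns()` assignments, whose results are not checked anywhere in the visible lines, so a failed open would pass an invalid descriptor to the scan; get_bound_ports() is defined outside the hunk, so whether it tolerates that cannot be confirmed from here. The removed wrapper also skipped the scan when `c->pasta_netns_fd` was unset, and the direct calls drop that guard without the description saying why it is no longer needed. I would state the new dependency next to the first call, e.g. `/* Scans the fds opened just above; no longer enters the namespace itself */`, and have the kernel-doc of get_bound_ports() say that a negative descriptor is skipped, if that is indeed what it does. port_fwd_init() starts in the first hunk and continues past the end of the second.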