From 9311ceb8b6fe7064cffca3efda051ef1e1801642 Mon Sep 17 00:00:00 2001 From: Stefano Brivio Date: Fri, 21 May 2021 11:14:53 +0200 Subject: icmp: Implement lazy bind for ping sockets It turns out that binding ICMP/ICMPv6 echo sockets takes a long time. Instead of binding all of them (one for each possible echo identification number, that is, 2^17) at start-up, bind them as ICMP/ICMPv6 packets are sent by the guest. Signed-off-by: Stefano Brivio --- icmp.c | 12 ++++++++++-- util.c | 4 +++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/icmp.c b/icmp.c index 08e7324..378e787 100644 --- a/icmp.c +++ b/icmp.c @@ -105,7 +105,8 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, struct icmphdr *ih = (struct icmphdr *)msg[0].l4h; struct sockaddr_in sa = { .sin_family = AF_INET, - .sin_addr = *(struct in_addr *)addr, + .sin_addr = { .s_addr = INADDR_ANY }, + .sin_port = ih->un.echo.id, }; if (msg[0].l4_len < sizeof(*ih) || ih->type != ICMP_ECHO) @@ -114,6 +115,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, if ((s = icmp_s_v4[ntohs(ih->un.echo.id)]) < 0) return 1; + bind(s, (struct sockaddr *)&sa, sizeof(sa)); + + sa.sin_addr = *(struct in_addr *)addr; sendto(s, msg[0].l4h, msg[0].l4_len, MSG_DONTWAIT | MSG_NOSIGNAL, (struct sockaddr *)&sa, sizeof(sa)); @@ -121,7 +125,8 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, struct icmp6hdr *ih = (struct icmp6hdr *)msg[0].l4h; struct sockaddr_in6 sa = { .sin6_family = AF_INET6, - .sin6_addr = *(struct in6_addr *)addr, + .sin6_addr = IN6ADDR_ANY_INIT, + .sin6_port = ih->icmp6_identifier, }; if (msg[0].l4_len < sizeof(*ih) || @@ -131,6 +136,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr, if ((s = icmp_s_v6[ntohs(ih->icmp6_identifier)]) < 0) return 1; + bind(s, (struct sockaddr *)&sa, sizeof(sa)); + + sa.sin6_addr = *(struct in6_addr *)addr; sendto(s, msg[0].l4h, msg[0].l4_len, MSG_DONTWAIT | MSG_NOSIGNAL, (struct sockaddr *)&sa, sizeof(sa)); diff --git a/util.c b/util.c index 9748cbe..bcec7be 100644 --- a/util.c +++ b/util.c @@ -17,7 +17,6 @@ #include #include #include -#include #include #include #include @@ -207,6 +206,9 @@ int sock_l4(struct ctx *c, int af, uint16_t proto, uint16_t port) if (proto == IPPROTO_UDP && PORT_IS_EPHEMERAL(port)) goto epoll_add; + if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6) + goto epoll_add; + if (bind(fd, sa, sl) < 0) { /* We'll fail to bind to low ports if we don't have enough * capabilities, and we'll fail to bind on already bound ports, -- cgit v1.2.3