From 90e83d50a9bdeb0697843fc9917c3070b69d5c7d Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 21 Aug 2024 14:20:14 +1000 Subject: Don't take "our" MAC address from the host When sending frames to the guest over the tap link, we need a source MAC address. Currently we take that from the MAC address of the main interface on the host, but that doesn't actually make much sense: * We can't preserve the real MAC address of packets from anywhere external so there's no transparency case here * In fact, it's confusingly different from how we handle IP addresses: whereas we give the guest the same IP as the host, we're making the host's MAC the one MAC that the guest *can't* use for itself. * We already need a fallback case if the host doesn't have an Ethernet like MAC (e.g. if it's connected via a point to point interface, such as a wireguard VPN). Change to just just use an arbitrary fixed MAC address - I've picked 9a:55:9a:55:9a:55. It's simpler and has the small advantage of making the fact that passt/pasta is in use typically obvious from guest side packet dumps. This can still, of course, be overridden with the -M option. Signed-off-by: David Gibson Signed-off-by: Stefano Brivio --- passt.h | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'passt.h') diff --git a/passt.h b/passt.h index ecfed1e..c6c67ff 100644 --- a/passt.h +++ b/passt.h @@ -26,6 +26,13 @@ union epoll_ref; #include "tcp.h" #include "udp.h" +/* Default address for our end on the tap interface. Bit 0 of byte 0 must be 0 + * (unicast) and bit 1 of byte 1 must be 1 (locally administered). Otherwise + * it's arbitrary. + */ +#define MAC_OUR_LAA \ + ((uint8_t [ETH_ALEN]){0x9a, 0x55, 0x9a, 0x55, 0x9a, 0x55}) + /** * union epoll_ref - Breakdown of reference for epoll fd bookkeeping * @type: Type of fd (tells us what to do with events) -- cgit v1.2.3