udp: Don't connect "forward" sockets for spliced flows
Currently we connect() the socket we use to forward spliced UDP flows. However, we now only ever use sendto() rather than send() on this socket so there's not actually any need to connect it. Don't do so. Rename a number of things that referred to "connect" or "conn" since that would now be misleading. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
parent
9ef31b7619
commit
1cd684b09b
1 changed files with 35 additions and 50 deletions
85
udp.c
85
udp.c
|
@ -45,23 +45,20 @@
|
||||||
*
|
*
|
||||||
* - from init to namespace:
|
* - from init to namespace:
|
||||||
*
|
*
|
||||||
* - forward direction: 127.0.0.1:5000 -> 127.0.0.1:80 in init from bound
|
* - forward direction: 127.0.0.1:5000 -> 127.0.0.1:80 in init from socket s,
|
||||||
* socket s, with epoll reference: index = 80, splice = UDP_TO_NS
|
* with epoll reference: index = 80, splice = UDP_TO_NS
|
||||||
* - if udp_splice_to_ns[V4][5000].target_sock:
|
* - if udp_splice_to_ns[V4][5000].target_sock:
|
||||||
* - send packet to udp_splice_to_ns[V4][5000].target_sock, with
|
* - send packet to udp_splice_to_ns[V4][5000].target_sock, with
|
||||||
* destination port 80
|
* destination port 80
|
||||||
* - otherwise:
|
* - otherwise:
|
||||||
* - create new socket udp_splice_to_ns[V4][5000].target_sock
|
* - create new socket udp_splice_to_ns[V4][5000].target_sock
|
||||||
* - bind in namespace to 127.0.0.1:5000
|
* - bind in namespace to 127.0.0.1:5000
|
||||||
* - connect in namespace to 127.0.0.1:80 (note: this destination port
|
|
||||||
* might be remapped to another port instead)
|
|
||||||
* - add to epoll with reference: index = 5000, splice: UDP_BACK_TO_INIT
|
* - add to epoll with reference: index = 5000, splice: UDP_BACK_TO_INIT
|
||||||
* - set udp_splice_to_ns[V4][5000].orig_sock to s
|
* - set udp_splice_to_ns[V4][5000].orig_sock to s
|
||||||
* - update udp_splice_to_ns[V4][5000].ts with current time
|
* - update udp_splice_to_ns[V4][5000].ts with current time
|
||||||
*
|
*
|
||||||
* - reverse direction: 127.0.0.1:80 -> 127.0.0.1:5000 in namespace from
|
* - reverse direction: 127.0.0.1:80 -> 127.0.0.1:5000 in namespace socket s,
|
||||||
* connected socket s, having epoll reference: index = 5000,
|
* having epoll reference: index = 5000, splice = UDP_BACK_TO_INIT
|
||||||
* splice = UDP_BACK_TO_INIT
|
|
||||||
* - if udp_splice_to_ns[V4][5000].orig_sock:
|
* - if udp_splice_to_ns[V4][5000].orig_sock:
|
||||||
* - send to udp_splice_to_ns[V4][5000].orig_sock, with destination port
|
* - send to udp_splice_to_ns[V4][5000].orig_sock, with destination port
|
||||||
* 5000
|
* 5000
|
||||||
|
@ -69,7 +66,7 @@
|
||||||
*
|
*
|
||||||
* - from namespace to init:
|
* - from namespace to init:
|
||||||
*
|
*
|
||||||
* - forward direction: 127.0.0.1:2000 -> 127.0.0.1:22 in namespace from bound
|
* - forward direction: 127.0.0.1:2000 -> 127.0.0.1:22 in namespace from
|
||||||
* socket s, with epoll reference: index = 22, splice = UDP_TO_INIT
|
* socket s, with epoll reference: index = 22, splice = UDP_TO_INIT
|
||||||
* - if udp4_splice_to_init[V4][2000].target_sock:
|
* - if udp4_splice_to_init[V4][2000].target_sock:
|
||||||
* - send packet to udp_splice_to_init[V4][2000].target_sock, with
|
* - send packet to udp_splice_to_init[V4][2000].target_sock, with
|
||||||
|
@ -77,14 +74,12 @@
|
||||||
* - otherwise:
|
* - otherwise:
|
||||||
* - create new socket udp_splice_to_init[V4][2000].target_sock
|
* - create new socket udp_splice_to_init[V4][2000].target_sock
|
||||||
* - bind in init to 127.0.0.1:2000
|
* - bind in init to 127.0.0.1:2000
|
||||||
* - connect in init to 127.0.0.1:22 (note: this destination port
|
|
||||||
* might be remapped to another port instead)
|
|
||||||
* - add to epoll with reference: index = 2000, splice = UDP_BACK_TO_NS
|
* - add to epoll with reference: index = 2000, splice = UDP_BACK_TO_NS
|
||||||
* - set udp_splice_to_init[V4][2000].orig_sock to s
|
* - set udp_splice_to_init[V4][2000].orig_sock to s
|
||||||
* - update udp_splice_to_init[V4][2000].ts with current time
|
* - update udp_splice_to_init[V4][2000].ts with current time
|
||||||
*
|
*
|
||||||
* - reverse direction: 127.0.0.1:22 -> 127.0.0.1:2000 in init from connected
|
* - reverse direction: 127.0.0.1:22 -> 127.0.0.1:2000 in init from socket s,
|
||||||
* socket s, having epoll reference: index = 2000, splice = UDP_BACK_TO_NS
|
* having epoll reference: index = 2000, splice = UDP_BACK_TO_NS
|
||||||
* - if udp_splice_to_init[V4][2000].orig_sock:
|
* - if udp_splice_to_init[V4][2000].orig_sock:
|
||||||
* - send to udp_splice_to_init[V4][2000].orig_sock, with destination port
|
* - send to udp_splice_to_init[V4][2000].orig_sock, with destination port
|
||||||
* 2000
|
* 2000
|
||||||
|
@ -144,8 +139,7 @@ struct udp_tap_port {
|
||||||
* @orig_sock: Originating socket, bound to dest port in source ns of
|
* @orig_sock: Originating socket, bound to dest port in source ns of
|
||||||
* originating datagram
|
* originating datagram
|
||||||
* @target_sock: Target socket, bound to source port of originating
|
* @target_sock: Target socket, bound to source port of originating
|
||||||
* datagram in dest ns, connected to dest port of
|
* datagram in dest ns
|
||||||
* originating datagram in dest ns
|
|
||||||
* @ts: Activity timestamp
|
* @ts: Activity timestamp
|
||||||
*/
|
*/
|
||||||
struct udp_splice_flow {
|
struct udp_splice_flow {
|
||||||
|
@ -163,8 +157,8 @@ static struct udp_splice_flow udp_splice_to_init[IP_VERSIONS][NUM_PORTS];
|
||||||
|
|
||||||
enum udp_act_type {
|
enum udp_act_type {
|
||||||
UDP_ACT_TAP,
|
UDP_ACT_TAP,
|
||||||
UDP_ACT_NS_CONN,
|
UDP_ACT_SPLICE_NS,
|
||||||
UDP_ACT_INIT_CONN,
|
UDP_ACT_SPLICE_INIT,
|
||||||
UDP_ACT_TYPE_MAX,
|
UDP_ACT_TYPE_MAX,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -398,20 +392,19 @@ static void udp_sock6_iov_init(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* udp_splice_connect() - Create and connect socket for "spliced" binding
|
* udp_splice_new() - Create and prepare socket for "spliced" binding
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
* @v6: Set for IPv6 connections
|
* @v6: Set for IPv6 sockets
|
||||||
* @bound_sock: Originating bound socket
|
* @bound_sock: Originating bound socket
|
||||||
* @src: Source port of original connection, host order
|
* @src: Source port of original connection, host order
|
||||||
* @dst: Destination port of original connection, host order
|
|
||||||
* @splice: UDP_BACK_TO_INIT from init, UDP_BACK_TO_NS from namespace
|
* @splice: UDP_BACK_TO_INIT from init, UDP_BACK_TO_NS from namespace
|
||||||
*
|
*
|
||||||
* Return: connected socket, negative error code on failure
|
* Return: prepared socket, negative error code on failure
|
||||||
*
|
*
|
||||||
* #syscalls:pasta getsockname
|
* #syscalls:pasta getsockname
|
||||||
*/
|
*/
|
||||||
int udp_splice_connect(const struct ctx *c, int v6, int bound_sock,
|
int udp_splice_new(const struct ctx *c, int v6, int bound_sock, in_port_t src,
|
||||||
in_port_t src, in_port_t dst, int splice)
|
int splice)
|
||||||
{
|
{
|
||||||
struct epoll_event ev = { .events = EPOLLIN | EPOLLRDHUP | EPOLLHUP };
|
struct epoll_event ev = { .events = EPOLLIN | EPOLLRDHUP | EPOLLHUP };
|
||||||
union epoll_ref ref = { .r.proto = IPPROTO_UDP,
|
union epoll_ref ref = { .r.proto = IPPROTO_UDP,
|
||||||
|
@ -423,10 +416,10 @@ int udp_splice_connect(const struct ctx *c, int v6, int bound_sock,
|
||||||
|
|
||||||
if (splice == UDP_BACK_TO_INIT) {
|
if (splice == UDP_BACK_TO_INIT) {
|
||||||
flow = &udp_splice_to_ns[v6 ? V6 : V4][src];
|
flow = &udp_splice_to_ns[v6 ? V6 : V4][src];
|
||||||
act = UDP_ACT_NS_CONN;
|
act = UDP_ACT_SPLICE_NS;
|
||||||
} else {
|
} else {
|
||||||
flow = &udp_splice_to_init[v6 ? V6 : V4][src];
|
flow = &udp_splice_to_init[v6 ? V6 : V4][src];
|
||||||
act = UDP_ACT_INIT_CONN;
|
act = UDP_ACT_SPLICE_INIT;
|
||||||
}
|
}
|
||||||
|
|
||||||
s = socket(v6 ? AF_INET6 : AF_INET, SOCK_DGRAM | SOCK_NONBLOCK,
|
s = socket(v6 ? AF_INET6 : AF_INET, SOCK_DGRAM | SOCK_NONBLOCK,
|
||||||
|
@ -450,9 +443,6 @@ int udp_splice_connect(const struct ctx *c, int v6, int bound_sock,
|
||||||
};
|
};
|
||||||
if (bind(s, (struct sockaddr *)&addr6, sizeof(addr6)))
|
if (bind(s, (struct sockaddr *)&addr6, sizeof(addr6)))
|
||||||
goto fail;
|
goto fail;
|
||||||
addr6.sin6_port = htons(dst);
|
|
||||||
if (connect(s, (struct sockaddr *)&addr6, sizeof(addr6)))
|
|
||||||
goto fail;
|
|
||||||
} else {
|
} else {
|
||||||
struct sockaddr_in addr4 = {
|
struct sockaddr_in addr4 = {
|
||||||
.sin_family = AF_INET,
|
.sin_family = AF_INET,
|
||||||
|
@ -461,9 +451,6 @@ int udp_splice_connect(const struct ctx *c, int v6, int bound_sock,
|
||||||
};
|
};
|
||||||
if (bind(s, (struct sockaddr *)&addr4, sizeof(addr4)))
|
if (bind(s, (struct sockaddr *)&addr4, sizeof(addr4)))
|
||||||
goto fail;
|
goto fail;
|
||||||
addr4.sin_port = htons(dst);
|
|
||||||
if (connect(s, (struct sockaddr *)&addr4, sizeof(addr4)))
|
|
||||||
goto fail;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
flow->orig_sock = bound_sock;
|
flow->orig_sock = bound_sock;
|
||||||
|
@ -480,40 +467,39 @@ fail:
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* struct udp_splice_connect_ns_arg - Arguments for udp_splice_connect_ns()
|
* struct udp_splice_new_ns_arg - Arguments for udp_splice_new_ns()
|
||||||
* @c: Execution context
|
* @c: Execution context
|
||||||
* @v6: Set for inbound IPv6 connection
|
* @v6: Set for IPv6
|
||||||
* @bound_sock: Originating bound socket
|
* @bound_sock: Originating bound socket
|
||||||
* @src: Source port of original connection, host order
|
* @src: Source port of originating datagram, host order
|
||||||
* @dst: Destination port of original connection, host order
|
* @dst: Destination port of originating datagram, host order
|
||||||
* @s: Newly created socket or negative error code
|
* @s: Newly created socket or negative error code
|
||||||
*/
|
*/
|
||||||
struct udp_splice_connect_ns_arg {
|
struct udp_splice_new_ns_arg {
|
||||||
const struct ctx *c;
|
const struct ctx *c;
|
||||||
int v6;
|
int v6;
|
||||||
int bound_sock;
|
int bound_sock;
|
||||||
in_port_t src;
|
in_port_t src;
|
||||||
in_port_t dst;
|
|
||||||
int s;
|
int s;
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* udp_splice_connect_ns() - Enter namespace and call udp_splice_connect()
|
* udp_splice_new_ns() - Enter namespace and call udp_splice_new()
|
||||||
* @arg: See struct udp_splice_connect_ns_arg
|
* @arg: See struct udp_splice_new_ns_arg
|
||||||
*
|
*
|
||||||
* Return: 0
|
* Return: 0
|
||||||
*/
|
*/
|
||||||
static int udp_splice_connect_ns(void *arg)
|
static int udp_splice_new_ns(void *arg)
|
||||||
{
|
{
|
||||||
struct udp_splice_connect_ns_arg *a;
|
struct udp_splice_new_ns_arg *a;
|
||||||
|
|
||||||
a = (struct udp_splice_connect_ns_arg *)arg;
|
a = (struct udp_splice_new_ns_arg *)arg;
|
||||||
|
|
||||||
if (ns_enter(a->c))
|
if (ns_enter(a->c))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
a->s = udp_splice_connect(a->c, a->v6, a->bound_sock, a->src, a->dst,
|
a->s = udp_splice_new(a->c, a->v6, a->bound_sock, a->src,
|
||||||
UDP_BACK_TO_INIT);
|
UDP_BACK_TO_INIT);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -556,11 +542,11 @@ static void udp_sock_handler_splice(const struct ctx *c, union epoll_ref ref,
|
||||||
src += c->udp.fwd_out.rdelta[src];
|
src += c->udp.fwd_out.rdelta[src];
|
||||||
|
|
||||||
if (!(s = udp_splice_to_ns[v6][src].target_sock)) {
|
if (!(s = udp_splice_to_ns[v6][src].target_sock)) {
|
||||||
struct udp_splice_connect_ns_arg arg = {
|
struct udp_splice_new_ns_arg arg = {
|
||||||
c, v6, ref.r.s, src, dst, -1,
|
c, v6, ref.r.s, src, -1,
|
||||||
};
|
};
|
||||||
|
|
||||||
NS_CALL(udp_splice_connect_ns, &arg);
|
NS_CALL(udp_splice_new_ns, &arg);
|
||||||
if ((s = arg.s) < 0)
|
if ((s = arg.s) < 0)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -574,8 +560,7 @@ static void udp_sock_handler_splice(const struct ctx *c, union epoll_ref ref,
|
||||||
src += c->udp.fwd_in.rdelta[src];
|
src += c->udp.fwd_in.rdelta[src];
|
||||||
|
|
||||||
if (!(s = udp_splice_to_init[v6][src].target_sock)) {
|
if (!(s = udp_splice_to_init[v6][src].target_sock)) {
|
||||||
s = udp_splice_connect(c, v6, ref.r.s, src, dst,
|
s = udp_splice_new(c, v6, ref.r.s, src, UDP_BACK_TO_NS);
|
||||||
UDP_BACK_TO_NS);
|
|
||||||
if (s < 0)
|
if (s < 0)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -1274,14 +1259,14 @@ static void udp_timer_one(struct ctx *c, int v6, enum udp_act_type type,
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
case UDP_ACT_INIT_CONN:
|
case UDP_ACT_SPLICE_INIT:
|
||||||
flow = &udp_splice_to_init[v6 ? V6 : V4][port];
|
flow = &udp_splice_to_init[v6 ? V6 : V4][port];
|
||||||
|
|
||||||
if (ts->tv_sec - flow->ts > UDP_CONN_TIMEOUT)
|
if (ts->tv_sec - flow->ts > UDP_CONN_TIMEOUT)
|
||||||
s = flow->target_sock;
|
s = flow->target_sock;
|
||||||
|
|
||||||
break;
|
break;
|
||||||
case UDP_ACT_NS_CONN:
|
case UDP_ACT_SPLICE_NS:
|
||||||
flow = &udp_splice_to_ns[v6 ? V6 : V4][port];
|
flow = &udp_splice_to_ns[v6 ? V6 : V4][port];
|
||||||
|
|
||||||
if (ts->tv_sec - flow->ts > UDP_CONN_TIMEOUT)
|
if (ts->tv_sec - flow->ts > UDP_CONN_TIMEOUT)
|
||||||
|
|
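Review bot: Dropping connect() in udp_splice_new() also drops the kernel's peer filtering on the target socket: per the header comment it is now only bound to 127.0.0.1 and the source port, so it will accept datagrams from any local sender in that namespace, not just from the original destination port. The reverse-direction description forwards whatever arrives to orig_sock, and no sender check is visible in these hunks (the bodies of udp_splice_new() and udp_sock_handler_splice() continue outside them), so please confirm this is intended. If it is, I would record it in the kernel-doc of udp_splice_new(), e.g. `* The socket is left unconnected: datagrams from any local port are accepted and forwarded back`. Separately, as rendered, the new comment for struct udp_splice_new_ns_arg still lists `@dst` although the `dst` member is removed, and udp_splice_new() keeps `@src: Source port of original connection`; the stale `@dst` line should be dropped and the `@src` wording aligned with "originating datagram".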