tcp: More precise terms for addresses and ports

In a number of places the comments and variable names we use to describe
addresses and ports are ambiguous.  It's not sufficient to describe a port
as "tap-facing" or "socket-facing", because on both the tap side and the
socket side there are two ports for the two ends of the connection.
Similarly, "local" and "remote" aren't particularly helpful, because it's
not necessarily clear whether we're talking from the point of view of the
guest/namespace, the host, or passt itself.

This patch makes a number of changes to be more precise about this.  It
introduces two new terms in aid of this:
    A "forwarding" address (or port) refers to an address which is local
from the point of view of passt itself.  That is a source address for
traffic sent by passt, whether it's to the guest via the tap interface
or to a host on the internet via a socket.
    The "endpoint" address (or port) is the reverse: a remote address
from passt's point of view, the destination address for traffic sent
by passt.

Between them the "side" (either tap/guest-facing or sock/host-facing)
and forwarding vs. endpoint unambiguously describes which address or
port we're talking about.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2023-08-22 15:29:54 +10:00 committed by Stefano Brivio
parent cee4a2da48
commit bccfbff193
2 changed files with 53 additions and 52 deletions

93
tcp.c
View file

@ -401,7 +401,7 @@ struct tcp6_l2_head { /* For MSS6 macro: keep in sync with tcp6_l2_buf_t */
#define OPT_SACK 5 #define OPT_SACK 5
#define OPT_TS 8 #define OPT_TS 8
#define CONN_V4(conn) (!!inany_v4(&(conn)->addr)) #define CONN_V4(conn) (!!inany_v4(&(conn)->faddr))
#define CONN_V6(conn) (!CONN_V4(conn)) #define CONN_V6(conn) (!CONN_V4(conn))
#define CONN_IS_CLOSING(conn) \ #define CONN_IS_CLOSING(conn) \
((conn->events & ESTABLISHED) && \ ((conn->events & ESTABLISHED) && \
@ -434,7 +434,9 @@ static const char *tcp_flag_str[] __attribute((__unused__)) = {
static int tcp_sock_init_ext [NUM_PORTS][IP_VERSIONS]; static int tcp_sock_init_ext [NUM_PORTS][IP_VERSIONS];
static int tcp_sock_ns [NUM_PORTS][IP_VERSIONS]; static int tcp_sock_ns [NUM_PORTS][IP_VERSIONS];
/* Table of destinations with very low RTT (assumed to be local), LRU */ /* Table of guest side forwarding addresses with very low RTT (assumed
* to be local to the host), LRU
*/
static union inany_addr low_rtt_dst[LOW_RTT_TABLE_SIZE]; static union inany_addr low_rtt_dst[LOW_RTT_TABLE_SIZE];
/* Static buffers */ /* Static buffers */
@ -858,7 +860,7 @@ static int tcp_rtt_dst_low(const struct tcp_tap_conn *conn)
int i; int i;
for (i = 0; i < LOW_RTT_TABLE_SIZE; i++) for (i = 0; i < LOW_RTT_TABLE_SIZE; i++)
if (inany_equals(&conn->addr, low_rtt_dst + i)) if (inany_equals(&conn->faddr, low_rtt_dst + i))
return 1; return 1;
return 0; return 0;
@ -880,7 +882,7 @@ static void tcp_rtt_dst_check(const struct tcp_tap_conn *conn,
return; return;
for (i = 0; i < LOW_RTT_TABLE_SIZE; i++) { for (i = 0; i < LOW_RTT_TABLE_SIZE; i++) {
if (inany_equals(&conn->addr, low_rtt_dst + i)) if (inany_equals(&conn->faddr, low_rtt_dst + i))
return; return;
if (hole == -1 && IN6_IS_ADDR_UNSPECIFIED(low_rtt_dst + i)) if (hole == -1 && IN6_IS_ADDR_UNSPECIFIED(low_rtt_dst + i))
hole = i; hole = i;
@ -892,7 +894,7 @@ static void tcp_rtt_dst_check(const struct tcp_tap_conn *conn,
if (hole == -1) if (hole == -1)
return; return;
low_rtt_dst[hole++] = conn->addr; low_rtt_dst[hole++] = conn->faddr;
if (hole == LOW_RTT_TABLE_SIZE) if (hole == LOW_RTT_TABLE_SIZE)
hole = 0; hole = 0;
inany_from_af(low_rtt_dst + hole, AF_INET6, &in6addr_any); inany_from_af(low_rtt_dst + hole, AF_INET6, &in6addr_any);
@ -1162,18 +1164,18 @@ static int tcp_opt_get(const char *opts, size_t len, uint8_t type_find,
/** /**
* tcp_hash_match() - Check if a connection entry matches address and ports * tcp_hash_match() - Check if a connection entry matches address and ports
* @conn: Connection entry to match against * @conn: Connection entry to match against
* @addr: Remote address * @faddr: Guest side forwarding address
* @tap_port: tap-facing port * @eport: Guest side endpoint port
* @sock_port: Socket-facing port * @fport: Guest side forwarding port
* *
* Return: 1 on match, 0 otherwise * Return: 1 on match, 0 otherwise
*/ */
static int tcp_hash_match(const struct tcp_tap_conn *conn, static int tcp_hash_match(const struct tcp_tap_conn *conn,
const union inany_addr *addr, const union inany_addr *faddr,
in_port_t tap_port, in_port_t sock_port) in_port_t eport, in_port_t fport)
{ {
if (inany_equals(&conn->addr, addr) && if (inany_equals(&conn->faddr, faddr) &&
conn->tap_port == tap_port && conn->sock_port == sock_port) conn->eport == eport && conn->fport == fport)
return 1; return 1;
return 0; return 0;
@ -1182,21 +1184,21 @@ static int tcp_hash_match(const struct tcp_tap_conn *conn,
/** /**
* tcp_hash() - Calculate hash value for connection given address and ports * tcp_hash() - Calculate hash value for connection given address and ports
* @c: Execution context * @c: Execution context
* @addr: Remote address * @faddr: Guest side forwarding address
* @tap_port: tap-facing port * @eport: Guest side endpoint port
* @sock_port: Socket-facing port * @fport: Guest side forwarding port
* *
* Return: hash value, already modulo size of the hash table * Return: hash value, already modulo size of the hash table
*/ */
static unsigned int tcp_hash(const struct ctx *c, const union inany_addr *addr, static unsigned int tcp_hash(const struct ctx *c, const union inany_addr *faddr,
in_port_t tap_port, in_port_t sock_port) in_port_t eport, in_port_t fport)
{ {
struct { struct {
union inany_addr addr; union inany_addr faddr;
in_port_t tap_port; in_port_t eport;
in_port_t sock_port; in_port_t fport;
} __attribute__((__packed__)) in = { } __attribute__((__packed__)) in = {
*addr, tap_port, sock_port *faddr, eport, fport
}; };
uint64_t b = 0; uint64_t b = 0;
@ -1215,7 +1217,7 @@ static unsigned int tcp_hash(const struct ctx *c, const union inany_addr *addr,
static unsigned int tcp_conn_hash(const struct ctx *c, static unsigned int tcp_conn_hash(const struct ctx *c,
const struct tcp_tap_conn *conn) const struct tcp_tap_conn *conn)
{ {
return tcp_hash(c, &conn->addr, conn->tap_port, conn->sock_port); return tcp_hash(c, &conn->faddr, conn->eport, conn->fport);
} }
/** /**
@ -1227,7 +1229,7 @@ static void tcp_hash_insert(const struct ctx *c, struct tcp_tap_conn *conn)
{ {
int b; int b;
b = tcp_hash(c, &conn->addr, conn->tap_port, conn->sock_port); b = tcp_hash(c, &conn->faddr, conn->eport, conn->fport);
conn->next_index = tc_hash[b] ? CONN_IDX(tc_hash[b]) : -1; conn->next_index = tc_hash[b] ? CONN_IDX(tc_hash[b]) : -1;
tc_hash[b] = conn; tc_hash[b] = conn;
@ -1296,25 +1298,24 @@ static void tcp_tap_conn_update(struct ctx *c, struct tcp_tap_conn *old,
* tcp_hash_lookup() - Look up connection given remote address and ports * tcp_hash_lookup() - Look up connection given remote address and ports
* @c: Execution context * @c: Execution context
* @af: Address family, AF_INET or AF_INET6 * @af: Address family, AF_INET or AF_INET6
* @addr: Remote address, pointer to in_addr or in6_addr * @faddr: Guest side forwarding address (guest remote address)
* @tap_port: tap-facing port * @eport: Guest side endpoint port (guest local port)
* @sock_port: Socket-facing port * @fport: Guest side forwarding port (guest remote port)
* *
* Return: connection pointer, if found, -ENOENT otherwise * Return: connection pointer, if found, -ENOENT otherwise
*/ */
static struct tcp_tap_conn *tcp_hash_lookup(const struct ctx *c, static struct tcp_tap_conn *tcp_hash_lookup(const struct ctx *c,
int af, const void *addr, int af, const void *faddr,
in_port_t tap_port, in_port_t eport, in_port_t fport)
in_port_t sock_port)
{ {
union inany_addr aany; union inany_addr aany;
struct tcp_tap_conn *conn; struct tcp_tap_conn *conn;
int b; int b;
inany_from_af(&aany, af, addr); inany_from_af(&aany, af, faddr);
b = tcp_hash(c, &aany, tap_port, sock_port); b = tcp_hash(c, &aany, eport, fport);
for (conn = tc_hash[b]; conn; conn = conn_at_idx(conn->next_index)) { for (conn = tc_hash[b]; conn; conn = conn_at_idx(conn->next_index)) {
if (tcp_hash_match(conn, &aany, tap_port, sock_port)) if (tcp_hash_match(conn, &aany, eport, fport))
return conn; return conn;
} }
@ -1447,13 +1448,13 @@ static size_t tcp_l2_buf_fill_headers(const struct ctx *c,
void *p, size_t plen, void *p, size_t plen,
const uint16_t *check, uint32_t seq) const uint16_t *check, uint32_t seq)
{ {
const struct in_addr *a4 = inany_v4(&conn->addr); const struct in_addr *a4 = inany_v4(&conn->faddr);
size_t ip_len, tlen; size_t ip_len, tlen;
#define SET_TCP_HEADER_COMMON_V4_V6(b, conn, seq) \ #define SET_TCP_HEADER_COMMON_V4_V6(b, conn, seq) \
do { \ do { \
b->th.source = htons(conn->sock_port); \ b->th.source = htons(conn->fport); \
b->th.dest = htons(conn->tap_port); \ b->th.dest = htons(conn->eport); \
b->th.seq = htonl(seq); \ b->th.seq = htonl(seq); \
b->th.ack_seq = htonl(conn->seq_ack_to_tap); \ b->th.ack_seq = htonl(conn->seq_ack_to_tap); \
if (conn->events & ESTABLISHED) { \ if (conn->events & ESTABLISHED) { \
@ -1489,7 +1490,7 @@ do { \
ip_len = plen + sizeof(struct ipv6hdr) + sizeof(struct tcphdr); ip_len = plen + sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
b->ip6h.payload_len = htons(plen + sizeof(struct tcphdr)); b->ip6h.payload_len = htons(plen + sizeof(struct tcphdr));
b->ip6h.saddr = conn->addr.a6; b->ip6h.saddr = conn->faddr.a6;
if (IN6_IS_ADDR_LINKLOCAL(&b->ip6h.saddr)) if (IN6_IS_ADDR_LINKLOCAL(&b->ip6h.saddr))
b->ip6h.daddr = c->ip6.addr_ll_seen; b->ip6h.daddr = c->ip6.addr_ll_seen;
else else
@ -1842,7 +1843,7 @@ static void tcp_clamp_window(const struct ctx *c, struct tcp_tap_conn *conn,
/** /**
* tcp_seq_init() - Calculate initial sequence number according to RFC 6528 * tcp_seq_init() - Calculate initial sequence number according to RFC 6528
* @c: Execution context * @c: Execution context
* @conn: TCP connection, with addr, sock_port and tap_port populated * @conn: TCP connection, with faddr, fport and eport populated
* @now: Current timestamp * @now: Current timestamp
*/ */
static void tcp_seq_init(const struct ctx *c, struct tcp_tap_conn *conn, static void tcp_seq_init(const struct ctx *c, struct tcp_tap_conn *conn,
@ -1855,9 +1856,9 @@ static void tcp_seq_init(const struct ctx *c, struct tcp_tap_conn *conn,
union inany_addr dst; union inany_addr dst;
in_port_t dstport; in_port_t dstport;
} __attribute__((__packed__)) in = { } __attribute__((__packed__)) in = {
.src = conn->addr, .src = conn->faddr,
.srcport = conn->tap_port, .srcport = conn->eport,
.dstport = conn->sock_port, .dstport = conn->fport,
}; };
uint32_t ns, seq = 0; uint32_t ns, seq = 0;
@ -2082,7 +2083,7 @@ static void tcp_conn_from_tap(struct ctx *c,
if (!(conn->wnd_from_tap = (htons(th->window) >> conn->ws_from_tap))) if (!(conn->wnd_from_tap = (htons(th->window) >> conn->ws_from_tap)))
conn->wnd_from_tap = 1; conn->wnd_from_tap = 1;
inany_from_af(&conn->addr, af, daddr); inany_from_af(&conn->faddr, af, daddr);
if (af == AF_INET) { if (af == AF_INET) {
sa = (struct sockaddr *)&addr4; sa = (struct sockaddr *)&addr4;
@ -2092,8 +2093,8 @@ static void tcp_conn_from_tap(struct ctx *c,
sl = sizeof(addr6); sl = sizeof(addr6);
} }
conn->sock_port = ntohs(th->dest); conn->fport = ntohs(th->dest);
conn->tap_port = ntohs(th->source); conn->eport = ntohs(th->source);
conn->seq_init_from_tap = ntohl(th->seq); conn->seq_init_from_tap = ntohl(th->seq);
conn->seq_from_tap = conn->seq_init_from_tap + 1; conn->seq_from_tap = conn->seq_init_from_tap + 1;
@ -2753,10 +2754,10 @@ static void tcp_tap_conn_from_sock(struct ctx *c,
conn->ws_to_tap = conn->ws_from_tap = 0; conn->ws_to_tap = conn->ws_from_tap = 0;
conn_event(c, conn, SOCK_ACCEPTED); conn_event(c, conn, SOCK_ACCEPTED);
inany_from_sockaddr(&conn->addr, &conn->sock_port, sa); inany_from_sockaddr(&conn->faddr, &conn->fport, sa);
conn->tap_port = ref.port; conn->eport = ref.port;
tcp_snat_inbound(c, &conn->addr); tcp_snat_inbound(c, &conn->faddr);
tcp_seq_init(c, conn, now); tcp_seq_init(c, conn, now);
tcp_hash_insert(c, conn); tcp_hash_insert(c, conn);

View file

@ -35,9 +35,9 @@ extern const char *tcp_common_flag_str[];
* @ws_to_tap: Window scaling factor advertised to tap/guest * @ws_to_tap: Window scaling factor advertised to tap/guest
* @sndbuf: Sending buffer in kernel, rounded to 2 ^ SNDBUF_BITS * @sndbuf: Sending buffer in kernel, rounded to 2 ^ SNDBUF_BITS
* @seq_dup_ack_approx: Last duplicate ACK number sent to tap * @seq_dup_ack_approx: Last duplicate ACK number sent to tap
* @addr: Remote address (IPv4 or IPv6) * @faddr: Guest side forwarding address (guest's remote address)
* @tap_port: Guest-facing tap port * @eport: Guest side endpoint port (guest's local port)
* @sock_port: Remote, socket-facing port * @fport: Guest side forwarding port (guest's remote port)
* @wnd_from_tap: Last window size from tap, unscaled (as received) * @wnd_from_tap: Last window size from tap, unscaled (as received)
* @wnd_to_tap: Sending window advertised to tap, unscaled (as sent) * @wnd_to_tap: Sending window advertised to tap, unscaled (as sent)
* @seq_to_tap: Next sequence for packets to tap * @seq_to_tap: Next sequence for packets to tap
@ -105,9 +105,9 @@ struct tcp_tap_conn {
uint8_t seq_dup_ack_approx; uint8_t seq_dup_ack_approx;
union inany_addr addr; union inany_addr faddr;
in_port_t tap_port; in_port_t eport;
in_port_t sock_port; in_port_t fport;
uint16_t wnd_from_tap; uint16_t wnd_from_tap;
uint16_t wnd_to_tap; uint16_t wnd_to_tap;