mirror of
https://passt.top/passt
synced 2025-06-12 10:35:34 +02:00

When a local peer sends a UDP message to a non-existing port on an existing remote host, that host will return an ICMPv6 message containing the error code ICMP6_DST_UNREACH_NOPORT, plus the IPv6 header, UDP header and the first 1232 bytes of the original message, if any. If the sender socket has been connected, it uses this message to issue a "Connection Refused" event to the user. Until now, we have only read such events from the externally facing socket, but we don't forward them back to the local sender because we cannot read the ICMP message directly to user space. Because of this, the local peer will hang and wait for a response that never arrives. We now fix this for IPv6 by recreating and forwarding a correct ICMP message back to the internal sender. We synthesize the message based on the information in the extended error structure, plus the returned part of the original message body. Note that for the sake of completeness, we even produce ICMP messages for other error types and codes. We have noticed that at least ICMP_PROT_UNREACH is propagated as an error event back to the user. Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Jon Maloy <jmaloy@redhat.com> [sbrivio: fix cppcheck warning, udp_send_conn_fail_icmp6() doesn't modify saddr which can be declared as const] Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
98 lines
3.5 KiB
C
98 lines
3.5 KiB
C
/* SPDX-License-Identifier: GPL-2.0-or-later
|
|
* Copyright (c) 2021 Red Hat GmbH
|
|
* Author: Stefano Brivio <sbrivio@redhat.com>
|
|
*/
|
|
|
|
#ifndef TAP_H
|
|
#define TAP_H
|
|
|
|
struct udphdr;
|
|
|
|
/**
|
|
* struct tap_hdr - tap backend specific headers
|
|
* @vnet_len: Frame length (for qemu socket transport)
|
|
*/
|
|
struct tap_hdr {
|
|
uint32_t vnet_len;
|
|
} __attribute__((packed));
|
|
|
|
/**
|
|
* tap_hdr_iov() - struct iovec for a tap header
|
|
* @c: Execution context
|
|
* @taph: Pointer to tap specific header buffer
|
|
*
|
|
* Returns: A struct iovec covering the correct portion of @taph to use as the
|
|
* tap specific header in the current configuration.
|
|
*/
|
|
static inline struct iovec tap_hdr_iov(const struct ctx *c,
|
|
struct tap_hdr *thdr)
|
|
{
|
|
return (struct iovec){
|
|
.iov_base = thdr,
|
|
.iov_len = c->mode == MODE_PASST ? sizeof(*thdr) : 0,
|
|
};
|
|
}
|
|
|
|
/**
|
|
* tap_hdr_update() - Update the tap specific header for a frame
|
|
* @taph: Tap specific header buffer to update
|
|
* @l2len: Frame length (including L2 headers)
|
|
*/
|
|
static inline void tap_hdr_update(struct tap_hdr *thdr, size_t l2len)
|
|
{
|
|
if (thdr)
|
|
thdr->vnet_len = htonl(l2len);
|
|
}
|
|
|
|
void *tap_push_l2h(const struct ctx *c, void *buf, uint16_t proto);
|
|
void *tap_push_ip4h(struct iphdr *ip4h, struct in_addr src,
|
|
struct in_addr dst, size_t l4len, uint8_t proto);
|
|
void *tap_push_uh4(struct udphdr *uh, struct in_addr src, in_port_t sport,
|
|
struct in_addr dst, in_port_t dport,
|
|
const void *in, size_t dlen);
|
|
void *tap_push_uh6(struct udphdr *uh,
|
|
const struct in6_addr *src, in_port_t sport,
|
|
const struct in6_addr *dst, in_port_t dport,
|
|
void *in, size_t dlen);
|
|
void *tap_push_ip4h(struct iphdr *ip4h, struct in_addr src,
|
|
struct in_addr dst, size_t l4len, uint8_t proto);
|
|
void *tap_push_ip6h(struct ipv6hdr *ip6h,
|
|
const struct in6_addr *src,
|
|
const struct in6_addr *dst,
|
|
size_t l4len, uint8_t proto, uint32_t flow);
|
|
void tap_udp4_send(const struct ctx *c, struct in_addr src, in_port_t sport,
|
|
struct in_addr dst, in_port_t dport,
|
|
const void *in, size_t dlen);
|
|
void tap_icmp4_send(const struct ctx *c, struct in_addr src, struct in_addr dst,
|
|
const void *in, size_t l4len);
|
|
const struct in6_addr *tap_ip6_daddr(const struct ctx *c,
|
|
const struct in6_addr *src);
|
|
void *tap_push_ip6h(struct ipv6hdr *ip6h,
|
|
const struct in6_addr *src, const struct in6_addr *dst,
|
|
size_t l4len, uint8_t proto, uint32_t flow);
|
|
void tap_udp6_send(const struct ctx *c,
|
|
const struct in6_addr *src, in_port_t sport,
|
|
const struct in6_addr *dst, in_port_t dport,
|
|
uint32_t flow, void *in, size_t dlen);
|
|
void tap_icmp6_send(const struct ctx *c,
|
|
const struct in6_addr *src, const struct in6_addr *dst,
|
|
const void *in, size_t l4len);
|
|
void tap_send_single(const struct ctx *c, const void *data, size_t l2len);
|
|
size_t tap_send_frames(const struct ctx *c, const struct iovec *iov,
|
|
size_t bufs_per_frame, size_t nframes);
|
|
void eth_update_mac(struct ethhdr *eh,
|
|
const unsigned char *eth_d, const unsigned char *eth_s);
|
|
void tap_listen_handler(struct ctx *c, uint32_t events);
|
|
void tap_handler_pasta(struct ctx *c, uint32_t events,
|
|
const struct timespec *now);
|
|
void tap_handler_passt(struct ctx *c, uint32_t events,
|
|
const struct timespec *now);
|
|
int tap_sock_unix_open(char *sock_path);
|
|
void tap_sock_reset(struct ctx *c);
|
|
void tap_sock_update_pool(void *base, size_t size);
|
|
void tap_backend_init(struct ctx *c);
|
|
void tap_flush_pools(void);
|
|
void tap_handler(struct ctx *c, const struct timespec *now);
|
|
void tap_add_packet(struct ctx *c, ssize_t l2len, char *p);
|
|
|
|
#endif /* TAP_H */
|