d5b80ccc72
Port numbers (for both TCP and UDP) are 16-bit, and so fit exactly into a 'short'. USHRT_MAX is therefore the maximum port number and this is widely used in the code. Unfortunately, a lot of those places don't actually want the maximum port number (USHRT_MAX == 65535), they want the total number of ports (65536). This leads to a number of potentially nasty consequences: * We have buffer overruns on the port_fwd::delta array if we try to use port 65535 * We have similar potential overruns for the tcp_sock_* arrays * Interestingly udp_act had the correct size, but we can calculate it in a more direct manner * We have a logical overrun of the ports bitmap as well, although it will just use an unused bit in the last byte so isnt harmful * Many loops don't consider port 65535 (which does mitigate some but not all of the buffer overruns above) * In udp_invert_portmap() we incorrectly compute the reverse port translation for return packets Correct all these by using a new NUM_PORTS defined explicitly for this purpose. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
68 lines
1.9 KiB
C
68 lines
1.9 KiB
C
/* SPDX-License-Identifier: AGPL-3.0-or-later
|
|
* Copyright (c) 2021 Red Hat GmbH
|
|
* Author: Stefano Brivio <sbrivio@redhat.com>
|
|
*/
|
|
|
|
#ifndef UDP_H
|
|
#define UDP_H
|
|
|
|
#define UDP_TIMER_INTERVAL 1000 /* ms */
|
|
|
|
void udp_sock_handler(const struct ctx *c, union epoll_ref ref, uint32_t events,
|
|
const struct timespec *now);
|
|
int udp_tap_handler(struct ctx *c, int af, const void *addr,
|
|
const struct pool *p, const struct timespec *now);
|
|
void udp_sock_init(const struct ctx *c, int ns, sa_family_t af,
|
|
const void *addr, in_port_t port);
|
|
int udp_init(struct ctx *c);
|
|
void udp_timer(struct ctx *c, const struct timespec *ts);
|
|
void udp_update_l2_buf(const unsigned char *eth_d, const unsigned char *eth_s,
|
|
const uint32_t *ip_da);
|
|
|
|
/**
|
|
* union udp_epoll_ref - epoll reference portion for TCP connections
|
|
* @bound: Set if this file descriptor is a bound socket
|
|
* @splice: Set if descriptor is associated to "spliced" connection
|
|
* @v6: Set for IPv6 sockets or connections
|
|
* @port: Source port for connected sockets, bound port otherwise
|
|
* @u32: Opaque u32 value of reference
|
|
*/
|
|
union udp_epoll_ref {
|
|
struct {
|
|
uint32_t bound:1,
|
|
splice:3,
|
|
#define UDP_TO_NS 1
|
|
#define UDP_TO_INIT 2
|
|
#define UDP_BACK_TO_NS 3
|
|
#define UDP_BACK_TO_INIT 4
|
|
|
|
v6:1,
|
|
port:16;
|
|
} udp;
|
|
uint32_t u32;
|
|
};
|
|
|
|
|
|
/**
|
|
* udp_port_fwd - UDP specific port forwarding configuration
|
|
* @f: Generic forwarding configuration
|
|
* @rdelta: Reversed delta map to translate source ports on return packets
|
|
*/
|
|
struct udp_port_fwd {
|
|
struct port_fwd f;
|
|
in_port_t rdelta[NUM_PORTS];
|
|
};
|
|
|
|
/**
|
|
* struct udp_ctx - Execution context for UDP
|
|
* @fwd_in: Port forwarding configuration for inbound packets
|
|
* @fwd_out: Port forwarding configuration for outbound packets
|
|
* @timer_run: Timestamp of most recent timer run
|
|
*/
|
|
struct udp_ctx {
|
|
struct udp_port_fwd fwd_in;
|
|
struct udp_port_fwd fwd_out;
|
|
struct timespec timer_run;
|
|
};
|
|
|
|
#endif /* UDP_H */
|