mirror of
https://passt.top/passt
synced 2025-01-03 11:25:24 +00:00
icmp: Implement lazy bind for ping sockets
It turns out that binding ICMP/ICMPv6 echo sockets takes a long time. Instead of binding all of them (one for each possible echo identification number, that is, 2^17) at start-up, bind them as ICMP/ICMPv6 packets are sent by the guest. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
5fd6db7751
commit
9311ceb8b6
12
icmp.c
12
icmp.c
@ -105,7 +105,8 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr,
|
|||||||
struct icmphdr *ih = (struct icmphdr *)msg[0].l4h;
|
struct icmphdr *ih = (struct icmphdr *)msg[0].l4h;
|
||||||
struct sockaddr_in sa = {
|
struct sockaddr_in sa = {
|
||||||
.sin_family = AF_INET,
|
.sin_family = AF_INET,
|
||||||
.sin_addr = *(struct in_addr *)addr,
|
.sin_addr = { .s_addr = INADDR_ANY },
|
||||||
|
.sin_port = ih->un.echo.id,
|
||||||
};
|
};
|
||||||
|
|
||||||
if (msg[0].l4_len < sizeof(*ih) || ih->type != ICMP_ECHO)
|
if (msg[0].l4_len < sizeof(*ih) || ih->type != ICMP_ECHO)
|
||||||
@ -114,6 +115,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr,
|
|||||||
if ((s = icmp_s_v4[ntohs(ih->un.echo.id)]) < 0)
|
if ((s = icmp_s_v4[ntohs(ih->un.echo.id)]) < 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
bind(s, (struct sockaddr *)&sa, sizeof(sa));
|
||||||
|
|
||||||
|
sa.sin_addr = *(struct in_addr *)addr;
|
||||||
sendto(s, msg[0].l4h, msg[0].l4_len,
|
sendto(s, msg[0].l4h, msg[0].l4_len,
|
||||||
MSG_DONTWAIT | MSG_NOSIGNAL,
|
MSG_DONTWAIT | MSG_NOSIGNAL,
|
||||||
(struct sockaddr *)&sa, sizeof(sa));
|
(struct sockaddr *)&sa, sizeof(sa));
|
||||||
@ -121,7 +125,8 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr,
|
|||||||
struct icmp6hdr *ih = (struct icmp6hdr *)msg[0].l4h;
|
struct icmp6hdr *ih = (struct icmp6hdr *)msg[0].l4h;
|
||||||
struct sockaddr_in6 sa = {
|
struct sockaddr_in6 sa = {
|
||||||
.sin6_family = AF_INET6,
|
.sin6_family = AF_INET6,
|
||||||
.sin6_addr = *(struct in6_addr *)addr,
|
.sin6_addr = IN6ADDR_ANY_INIT,
|
||||||
|
.sin6_port = ih->icmp6_identifier,
|
||||||
};
|
};
|
||||||
|
|
||||||
if (msg[0].l4_len < sizeof(*ih) ||
|
if (msg[0].l4_len < sizeof(*ih) ||
|
||||||
@ -131,6 +136,9 @@ int icmp_tap_handler(struct ctx *c, int af, void *addr,
|
|||||||
if ((s = icmp_s_v6[ntohs(ih->icmp6_identifier)]) < 0)
|
if ((s = icmp_s_v6[ntohs(ih->icmp6_identifier)]) < 0)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
bind(s, (struct sockaddr *)&sa, sizeof(sa));
|
||||||
|
|
||||||
|
sa.sin6_addr = *(struct in6_addr *)addr;
|
||||||
sendto(s, msg[0].l4h, msg[0].l4_len,
|
sendto(s, msg[0].l4h, msg[0].l4_len,
|
||||||
MSG_DONTWAIT | MSG_NOSIGNAL,
|
MSG_DONTWAIT | MSG_NOSIGNAL,
|
||||||
(struct sockaddr *)&sa, sizeof(sa));
|
(struct sockaddr *)&sa, sizeof(sa));
|
||||||
|
4
util.c
4
util.c
@ -17,7 +17,6 @@
|
|||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
#include <net/ethernet.h>
|
#include <net/ethernet.h>
|
||||||
#include <net/if.h>
|
#include <net/if.h>
|
||||||
#include <netinet/ip.h>
|
|
||||||
#include <netinet/tcp.h>
|
#include <netinet/tcp.h>
|
||||||
#include <netinet/udp.h>
|
#include <netinet/udp.h>
|
||||||
#include <sys/epoll.h>
|
#include <sys/epoll.h>
|
||||||
@ -207,6 +206,9 @@ int sock_l4(struct ctx *c, int af, uint16_t proto, uint16_t port)
|
|||||||
if (proto == IPPROTO_UDP && PORT_IS_EPHEMERAL(port))
|
if (proto == IPPROTO_UDP && PORT_IS_EPHEMERAL(port))
|
||||||
goto epoll_add;
|
goto epoll_add;
|
||||||
|
|
||||||
|
if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6)
|
||||||
|
goto epoll_add;
|
||||||
|
|
||||||
if (bind(fd, sa, sl) < 0) {
|
if (bind(fd, sa, sl) < 0) {
|
||||||
/* We'll fail to bind to low ports if we don't have enough
|
/* We'll fail to bind to low ports if we don't have enough
|
||||||
* capabilities, and we'll fail to bind on already bound ports,
|
* capabilities, and we'll fail to bind on already bound ports,
|
||||||
|
Loading…
Reference in New Issue
Block a user