The flags field in udp_tap_port was used to implement a rudimentary (and buggy) form of connection tracking. This has now been taken over by the flow table. So, eliminate the field. This in turn allows udp_tap_port and udp_splice_port to be merged into a single type.
Signed-off-by: David Gibson <david(a)gibson.dropbear.id.au>
---
 udp.c | 61 ++++++++++++++++++++-----------------------------------------
 1 file changed, 20 insertions(+), 41 deletions(-)
diff --git a/udp.c b/udp.c
index 3b30306a..489e2095 100644
--- a/udp.c
+++ b/udp.c
@@ -133,38 +133,21 @@
 #define UDP_MAX_FRAMES 32 /* max # of frames to receive at once */
 /**
- * struct udp_tap_port - Port tracking based on tap-facing source port
- * @sock: Socket bound to source port used as index
- * @flags: Flags for recent activity type seen from/to port
- * @ts: Activity timestamp from tap, used for socket aging
- */
-struct udp_tap_port {
- int sock;
- uint8_t flags;
-#define PORT_LOCAL BIT(0) /* Port was contacted from local address */
-#define PORT_LOOPBACK BIT(1) /* Port was contacted from loopback address */
-#define PORT_GUA BIT(2) /* Port was contacted from global unicast */
-#define PORT_DNS_FWD BIT(3) /* Port used as source for DNS remapped query */
-
- time_t ts;
-};
-
-/**
- * struct udp_splice_port - Bound socket for spliced communication
+ * struct udp_bound_port - Bound socket for host or ns communication
 * @sock: Socket bound to index port
 * @ts: Activity timestamp
 */
-struct udp_splice_port {
+struct udp_bound_port {
 int sock;
 time_t ts;
 };
 /* Port tracking, arrays indexed by packet source port (host order) */
-static struct udp_tap_port udp_tap_map [IP_VERSIONS][NUM_PORTS];
+static struct udp_bound_port udp_tap_map [IP_VERSIONS][NUM_PORTS];
 /* "Spliced" sockets indexed by bound port (host order) */
-static struct udp_splice_port udp_splice_ns [IP_VERSIONS][NUM_PORTS];
-static struct udp_splice_port udp_splice_init[IP_VERSIONS][NUM_PORTS];
+static struct udp_bound_port udp_splice_ns [IP_VERSIONS][NUM_PORTS];
+static struct udp_bound_port udp_splice_init[IP_VERSIONS][NUM_PORTS];
 enum udp_act_type {
 UDP_ACT_TAP,
@@ -387,7 +370,7 @@ int udp_splice_new(const struct ctx *c, int v6, in_port_t src, bool ns)
 union epoll_ref ref = { .type = EPOLL_TYPE_UDP, .udp = { .splice = true, .v6 = v6, .port = src } };
- struct udp_splice_port *sp;
+ struct udp_bound_port *sp;
 int act, s;
 if (ns) {
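Review bot: The kernel-doc for the merged `struct udp_bound_port` in the first hunk drops the one thing the old `udp_tap_port` comment said about `@ts` (that it is used for socket aging) and never says what `@sock` holds when no socket is open, although the same type now backs `udp_tap_map`, `udp_splice_ns` and `udp_splice_init`. The timer hunk further down tests `bp->sock >= 0` and stores `-1` after closing, so the two fields could read `* @sock: Socket bound to index port, -1 if none` and `* @ts: Activity timestamp, used for socket aging`. This is a documentation suggestion only; no code change is proposed.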
@@ -1109,41 +1092,37 @@ static void udp_splice_iov_init(void)
 static void udp_timer_one(struct ctx *c, int v6, enum udp_act_type type, in_port_t port, const struct timespec *now)
 {
- struct udp_splice_port *sp;
- struct udp_tap_port *tp;
- int *sockp = NULL;
+ struct udp_bound_port *bp;
 switch (type) {
 case UDP_ACT_TAP:
- tp = &udp_tap_map[v6 ? V6 : V4][port];
+ bp = &udp_tap_map[v6 ? V6 : V4][port];
- if (now->tv_sec - tp->ts > UDP_CONN_TIMEOUT) {
- sockp = &tp->sock;
- tp->flags = 0;
- }
+ if (now->tv_sec - bp->ts <= UDP_CONN_TIMEOUT)
+ return; /* nothing to do */
 break;
 case UDP_ACT_SPLICE_INIT:
- sp = &udp_splice_init[v6 ? V6 : V4][port];
+ bp = &udp_splice_init[v6 ? V6 : V4][port];
- if (now->tv_sec - sp->ts > UDP_CONN_TIMEOUT)
- sockp = &sp->sock;
+ if (now->tv_sec - bp->ts <= UDP_CONN_TIMEOUT)
+ return; /* nothing to do */
 break;
 case UDP_ACT_SPLICE_NS:
- sp = &udp_splice_ns[v6 ? V6 : V4][port];
+ bp = &udp_splice_ns[v6 ? V6 : V4][port];
- if (now->tv_sec - sp->ts > UDP_CONN_TIMEOUT)
- sockp = &sp->sock;
+ if (now->tv_sec - bp->ts <= UDP_CONN_TIMEOUT)
+ return; /* nothing to do */
 break;
 default:
 return;
 }
- if (sockp && *sockp >= 0) {
- int s = *sockp;
- *sockp = -1;
+ if (bp->sock >= 0) {
+ int s = bp->sock;
+ bp->sock = -1;
 epoll_ctl(c->epollfd, EPOLL_CTL_DEL, s, NULL);
 close(s);
 bitmap_clear(udp_act[v6 ? V6 : V4][type], port);
@@ -1163,7 +1142,7 @@ static void udp_port_rebind(struct ctx *c, bool outbound)
 = outbound ? c->udp.fwd_out.f.map : c->udp.fwd_in.f.map;
 const uint8_t *rmap
 = outbound ? c->udp.fwd_in.f.map : c->udp.fwd_out.f.map;
- struct udp_splice_port (*socks)[NUM_PORTS]
+ struct udp_bound_port (*socks)[NUM_PORTS]
 = outbound ? udp_splice_ns : udp_splice_init;
 unsigned port;
--
2.45.2
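Review bot: The three `case` arms of `udp_timer_one` are now identical except for the table they index, yet the expiry test `if (now->tv_sec - bp->ts <= UDP_CONN_TIMEOUT) return;` is still written out in each of them. Since this function is what reclaims idle bound sockets, a single test is easier to keep correct: let each arm only assign `bp` and `break`, then place one `if (now->tv_sec - bp->ts <= UDP_CONN_TIMEOUT)` / `return; /* nothing to do */` after the `switch`. Separately, `bitmap_clear()` is still reached only inside `if (bp->sock >= 0)`, so an expired entry whose socket is already `-1` appears to keep its activity bit set. That behaviour is carried over from the old `sockp` test and the end of the block lies outside the hunk, so it is worth confirming that it is intended.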