From nobody Wed Nov  5 02:32:57 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1534380405857836.8126637192337;
 Wed, 15 Aug 2018 17:46:45 -0700 (PDT)
Received: from localhost ([::1]:52856 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1fq6Qs-0006WY-S4
	for importer@patchew.org; Wed, 15 Aug 2018 20:46:34 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:51695)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <andrewoates@gmail.com>) id 1fq60v-0008Lt-D9
	for qemu-devel@nongnu.org; Wed, 15 Aug 2018 20:19:46 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <andrewoates@gmail.com>) id 1fq60q-0008Na-1l
	for qemu-devel@nongnu.org; Wed, 15 Aug 2018 20:19:45 -0400
Received: from mail-qk0-x242.google.com ([2607:f8b0:400d:c09::242]:40417)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <andrewoates@gmail.com>)
	id 1fq60i-0008Kt-0x
	for qemu-devel@nongnu.org; Wed, 15 Aug 2018 20:19:37 -0400
Received: by mail-qk0-x242.google.com with SMTP id c126-v6so2159728qkd.7
	for <qemu-devel@nongnu.org>; Wed, 15 Aug 2018 17:19:28 -0700 (PDT)
Received: from localhost.localdomain (c-65-96-174-46.hsd1.ma.comcast.net.
	[65.96.174.46]) by smtp.gmail.com with ESMTPSA id
	s19-v6sm16154299qtj.61.2018.08.15.17.19.27
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Wed, 15 Aug 2018 17:19:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id;
	bh=tIbreB294mil2MBHYXwLJQbJ5nEYTDD5v+abLSZrvPQ=;
	b=AjO2G+yzjGm2TlIPa7AGFoHnzX2O5EJOIgRr3GjUmm+f169wknUoTqI7I02lJg+OBK
	vGL+lqcfYCmQJBM2u4s/esR1Q4T/pzVVScXrdKnmGh+TgenlvFRbpQl5jDu8UH+FXGeU
	T4kX/M55pDo3g7VRK8p77Nta21PYMcbcqMZd3wJt+9/hLm44ZR3MO//WaURGho6UrhBX
	ZNo7i0phvcvh3duLAZ4+FQT7qdM0WA7DoVag5xTwNl4ScpngqWGqNKyg6mQrsnbf+NNN
	YRt+MHb9VyQUNJ/31BCfP3cE8sPaGz2MQSItphMUiQUV9lFaIC6raunAQGYSAXt4ipSW
	cf+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id;
	bh=tIbreB294mil2MBHYXwLJQbJ5nEYTDD5v+abLSZrvPQ=;
	b=JoxTL3ICNMqJeKfmLHdcYdfOck82o+QHGfd19CFRpAAJ22xQLnf8XL+pI2mA+FEiYl
	zJBAx137eaZYHubs5gr6TEgXvosFw4SSqKzXKeK/m5zyUQUk/vjFXMZd++ol3qHC6yEN
	cI2jAh10OFrk3Lgaw5VizuwuJ4jgQyh5mjmS8xtGV55CnOcNxTYSce/eAhQPdqTjatT9
	u1OlD4ILXXnk/zsMCHPQXrB4Jgv6Rg8/kVCmKWVuECQM4hfA2QvnRc6607juw+x2Ydaf
	lKzQwZ8mbsRM9dMJ56SsYJSvYIsrfIWb/3jUvDSKL2uCb/CymumXcvBJqXav673zFmVN
	ZJBA==
X-Gm-Message-State: AOUpUlGZFbXts7ddoHN1MXThpV//mUS5infCJm8k06M+7ZfuujS24uZT
	otVKoQz3mJk21s6Ovd/qZJ4=
X-Google-Smtp-Source: 
 AA+uWPxZ9pRQC1DpEkMgg0KoTy4wsgFtvsR1eEGqsY9TaR6SNlPx4WIGGCKav/gP8Vxah6FPfclGbg==
X-Received: by 2002:a37:12ce:: with SMTP id 75-v6mr18762qks.319.1534378768095;
	Wed, 15 Aug 2018 17:19:28 -0700 (PDT)
From: andrew@andrewoates.com
To: peter.maydell@linaro.org, samuel.thibault@ens-lyon.org,
	jan.kiszka@siemens.com, qemu-devel@nongnu.org
Date: Wed, 15 Aug 2018 20:18:45 -0400
Message-Id: <20180816001845.29052-1-andrew@andrewoates.com>
X-Mailer: git-send-email 2.17.0
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:400d:c09::242
X-Mailman-Approved-At: Wed, 15 Aug 2018 20:45:26 -0400
Subject: [Qemu-devel] [PATCH v4] slirp: fix ICMP handling on macOS hosts
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Andrew Oates <aoates@google.com>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_0  Z_629925259 SPT_0
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

From: Andrew Oates <aoates@google.com>

On Linux, SOCK_DGRAM+IPPROTO_ICMP sockets give only the ICMP packet when
read from.  On macOS, however, the socket acts like a SOCK_RAW socket
and includes the IP header as well.

This change strips the extra IP header from the received packet on macOS
before sending it to the guest.  SOCK_DGRAM ICMP sockets aren't
supported on other BSDs, but we enable this behavior for them as well to
treat the sockets the same as raw sockets.

Signed-off-by: Andrew Oates <aoates@google.com>
---
v2: check validity of inner_hlen and update len appropriately
v3: CONFIG_DARWIN -> CONFIG_BSD; add comment explaining #ifdef
v4: drop packets that are too short for an IP header

 slirp/ip_icmp.c | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/slirp/ip_icmp.c b/slirp/ip_icmp.c
index 0b667a429a..da100d1f55 100644
--- a/slirp/ip_icmp.c
+++ b/slirp/ip_icmp.c
@@ -420,7 +420,32 @@ void icmp_receive(struct socket *so)
     icp =3D mtod(m, struct icmp *);
=20
     id =3D icp->icmp_id;
-    len =3D qemu_recv(so->s, icp, m->m_len, 0);
+    len =3D qemu_recv(so->s, icp, M_ROOM(m), 0);
+    /*
+     * The behavior of reading SOCK_DGRAM+IPPROTO_ICMP sockets is inconsis=
tent
+     * between host OSes.  On Linux, only the ICMP header and payload is
+     * included.  On macOS/Darwin, the socket acts like a raw socket and
+     * includes the IP header as well.  On other BSDs, SOCK_DGRAM+IPPROTO_=
ICMP
+     * sockets aren't supported at all, so we treat them like raw sockets.=
  It
+     * isn't possible to detect this difference at runtime, so we must use=
 an
+     * #ifdef to determine if we need to remove the IP header.
+     */
+#ifdef CONFIG_BSD
+    if (len >=3D sizeof(struct ip)) {
+        struct ip *inner_ip =3D mtod(m, struct ip *);
+        int inner_hlen =3D inner_ip->ip_hl << 2;
+        if (inner_hlen > len) {
+            len =3D -1;
+            errno =3D -EINVAL;
+        } else {
+            len -=3D inner_hlen;
+            memmove(icp, (unsigned char *)icp + inner_hlen, len);
+        }
+    } else {
+      len =3D -1;
+      errno =3D -EINVAL;
+    }
+#endif
     icp->icmp_id =3D id;
=20
     m->m_data -=3D hlen;
--=20
2.17.0