patchpanel: directly write to /proc/sys/net/
This patch changes patchpanel to stop invoking /usr/sbin/sysctl for
/proc/sys/net runtime configuration and instead write directly to a fixed
set of files under /proc/sys/net.
After the device has booted, reading the following /proc/sys path
returns the expected content:
localhost ~ # cat /proc/sys/net/ipv4/ip_forward
1
localhost ~ # cat /proc/sys/net/ipv4/ip_local_port_range
32768 47103
localhost ~ # cat /proc/sys/net/ipv6/conf/all/forwarding
1
BUG=b:178980566
TEST=Unit tests. Flashed rammus, checked that /proc/sys/net
configuration on the host happens as expected, checked that ndproxyd
starts correctly.
Change-Id: I1cfa71c3ccd88bdfd89c81b5a75b0c0912b39c72
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2738499
Tested-by: Hugo Benichi <hugobenichi@google.com>
Commit-Queue: Hugo Benichi <hugobenichi@google.com>
Reviewed-by: Garrick Evans <garrick@chromium.org>
diff --git a/patchpanel/system.h b/patchpanel/system.h
index be9249d..011aedb 100644
--- a/patchpanel/system.h
+++ b/patchpanel/system.h
@@ -5,6 +5,8 @@
#ifndef PATCHPANEL_SYSTEM_H_
#define PATCHPANEL_SYSTEM_H_
+#include <string>
+
#include <net/if.h>
#include <net/route.h>
#include <sys/ioctl.h>
@@ -21,16 +23,42 @@
// tests.
class System {
public:
+ // Enum used for restricting the possible paths that SysNetSet can write to.
+ enum SysNet {
+ // Used for modifying "net.ipv4.ip_forward"
+ IPv4Forward = 1,
+ // Used for modifying "net.ipv4.ip_local_port_range"
+ IPLocalPortRange,
+ // Used for modifying "net.ipv4.conf.%s.route_localnet", requires an
+ // interface
+ // argument
+ IPv4RouteLocalnet,
+ // Used for modifying "net.ipv6.conf.%s.accept_ra", requires an interface
+ // argument
+ IPv6AcceptRA,
+ // Used for modifying "net.ipv6.conf.all.forwarding"
+ IPv6Forward,
+ // Used for enabling netfilter connection tracking helper modules.
+ ConntrackHelper,
+ };
+
System() = default;
System(const System&) = delete;
System& operator=(const System&) = delete;
virtual ~System() = default;
+ // Write |content| to a "/proc/sys/net/" path as specified by |target|
+ virtual bool SysNetSet(SysNet target,
+ const std::string& content,
+ const std::string& iface = "");
+
virtual int Ioctl(int fd, ioctl_req_t request, const char* argp);
int Ioctl(int fd, ioctl_req_t request, uint64_t arg);
int Ioctl(int fd, ioctl_req_t request, struct ifreq* ifr);
int Ioctl(int fd, ioctl_req_t request, struct rtentry* route);
+ static bool Write(const std::string& path, const std::string& content);
+
private:
};
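Review bot: `SysNetSet` interpolates the caller-supplied `iface` into the `%s` slot of the conf paths described on L44–L50, so the `SysNet` enum restricts only the path template, not the final path; unless system.cc (not in this hunk) already rejects it, an `iface` containing `/` or equal to `.` or `..` would let a caller write outside `/proc/sys/net/{ipv4,ipv6}/conf/`. To the extent interface names originate outside this process, the implementation should reject such values before building the path, e.g. `if (iface.empty() || iface.size() >= IFNAMSIZ || iface.find('/') != std::string::npos || iface == "." || iface == "..") return false;` (IFNAMSIZ is available from the `<net/if.h>` include on L31), and the declaration on L61 should state the contract: `// |iface| must be a plain interface name (no '/', not "." or ".."); it is required for IPv4RouteLocalnet and IPv6AcceptRA and ignored for the other targets.` Note also that `Write(path, content)` on L70 is public and static, so any caller can still reach an arbitrary path; if the enum is meant as a restriction rather than a convenience, consider making `Write` private (friending the test) or documenting it as internal. Because `iface` defaults to `""`, a missing argument for a target that needs one is only detectable at runtime, so the implementation should return false in that case rather than attempting the write.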