patchpanel: ndproxy: assign public v6 addr to guest-facing ifs
Currently there is no public IPv6 address assigned on the
guest-facing interfaces (arc bridges and taps) when the device is on
an IPv6 network. This causes Linux to choose a wrong src address
for packets originated directly from host to guest and to drop the
returning traffic.
This patch generates an EUI-64 address based on virtual interface
MAC address upon receiving an RA, and add it to the interface.
BUG=chromium:1069985
TEST=unit;fuzz
TEST=manual(deploy on octopus and verify pinging penguin from host)
Change-Id: Id3ae953df6b3c84411461294bbc8dbd236cef901
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2428652
Tested-by: Taoyu Li <taoyl@chromium.org>
Reviewed-by: Garrick Evans <garrick@chromium.org>
Reviewed-by: Hugo Benichi <hugobenichi@google.com>
Commit-Queue: Taoyu Li <taoyl@chromium.org>
diff --git a/patchpanel/datapath.cc b/patchpanel/datapath.cc
index 8a3e038..a1f09e0 100644
--- a/patchpanel/datapath.cc
+++ b/patchpanel/datapath.cc
@@ -534,15 +534,14 @@
process_runner_->ip6("route", "del", {ipv6_addr_cidr, "dev", ifname});
}
-bool Datapath::AddIPv6Neighbor(const std::string& ifname,
- const std::string& ipv6_addr) {
- return process_runner_->ip6("neigh", "add",
- {"proxy", ipv6_addr, "dev", ifname}) == 0;
+bool Datapath::AddIPv6Address(const std::string& ifname,
+ const std::string& ipv6_addr) {
+ return process_runner_->ip6("addr", "add", {ipv6_addr, "dev", ifname}) == 0;
}
-void Datapath::RemoveIPv6Neighbor(const std::string& ifname,
- const std::string& ipv6_addr) {
- process_runner_->ip6("neigh", "del", {"proxy", ipv6_addr, "dev", ifname});
+void Datapath::RemoveIPv6Address(const std::string& ifname,
+ const std::string& ipv6_addr) {
+ process_runner_->ip6("addr", "del", {ipv6_addr, "dev", ifname});
}
bool Datapath::ModifyFwmarkSourceTag(const std::string& op,
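Review bot: `RemoveIPv6Address` discards the exit status of `ip6("addr", "del", ...)`, so a failed delete silently leaves a global address configured on a guest-facing interface after the uplink prefix has changed; I would at least log it, e.g. `if (process_runner_->ip6("addr", "del", {ipv6_addr, "dev", ifname}) != 0) LOG(ERROR) << "Failed to remove " << ipv6_addr << " from " << ifname;`. Both new methods should also carry a comment stating whether `ipv6_addr` is expected to include a prefix length, because `ip addr add` treats a bare IPv6 address as a /128. The commit message says the address is generated on receipt of an RA, so the prefix is network-supplied input; the callers are not visible in this hunk, but they presumably need to validate it (global unicast, expected length) before it reaches `AddIPv6Address`.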
@@ -725,7 +724,7 @@
return ModifyRtentry(SIOCDELRT, &route);
}
-bool Datapath::ModifyRtentry(unsigned long op, struct rtentry* route) {
+bool Datapath::ModifyRtentry(ioctl_req_t op, struct rtentry* route) {
DCHECK(route);
if (op != SIOCADDRT && op != SIOCDELRT) {
LOG(ERROR) << "Invalid operation " << op << " for rtentry " << *route;