Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / 3cfadbe0eb07e60e877bf925f53c67740d7bd9a3 / . / patchpanel / multicast_forwarder.cc
blob: 78a578ef301002c403d6f34b510ff617b5cc91ee [file] [log] [blame]
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]1// Copyright 2016 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]5#include "patchpanel/multicast_forwarder.h"
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]6
7#include <arpa/inet.h>
Hugo Benichidcce1142019-06-17 10:52:15 +0900[diff] [blame]8#include <net/if.h>
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]9#include <netinet/ip.h>
10#include <string.h>
Hugo Benichidcce1142019-06-17 10:52:15 +0900[diff] [blame]11#include <sys/ioctl.h>
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]12#include <sys/socket.h>
13#include <sys/types.h>
14
Kevin Cernekeeb2c0c832016-12-06 11:47:57 -0800[diff] [blame]15#include <utility>
16
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]17#include <base/bind.h>
18#include <base/logging.h>
19#include <base/message_loop/message_loop.h>
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]20
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]21#include "patchpanel/dns/dns_protocol.h"
22#include "patchpanel/dns/dns_response.h"
23#include "patchpanel/net_util.h"
24#include "patchpanel/socket.h"
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]25
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]26namespace {
27
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]28const int kBufSize = 1536;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]29
Hugo Benichidcce1142019-06-17 10:52:15 +0900[diff] [blame]30// Returns the IPv4 address assigned to the interface on which the given socket
31// is bound. Or returns INADDR_ANY if the interface has no IPv4 address.
32struct in_addr GetInterfaceIp(int fd, const std::string& ifname) {
33 if (ifname.empty()) {
34 LOG(WARNING) << "Empty interface name";
35 return {0};
36 }
37
38 struct ifreq ifr;
39 memset(&ifr, 0, sizeof(ifr));
40 strncpy(ifr.ifr_name, ifname.c_str(), IFNAMSIZ);
41 if (ioctl(fd, SIOCGIFADDR, &ifr) < 0) {
42 // Ignore EADDRNOTAVAIL: IPv4 was not provisioned.
43 if (errno != EADDRNOTAVAIL) {
44 PLOG(ERROR) << "SIOCGIFADDR failed for " << ifname;
45 }
46 return {0};
47 }
48
49 struct sockaddr_in* if_addr =
50 reinterpret_cast<struct sockaddr_in*>(&ifr.ifr_addr);
51 return if_addr->sin_addr;
52}
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]53
54// Fills sockaddr_storage values.
55void SetSockaddr(struct sockaddr_storage* saddr_storage,
56 sa_family_t sa_family,
57 uint16_t port,
58 char* addr) {
59 struct sockaddr* saddr = reinterpret_cast<sockaddr*>(saddr_storage);
60 if (sa_family == AF_INET) {
61 struct sockaddr_in* saddr4 = reinterpret_cast<struct sockaddr_in*>(saddr);
62 saddr4->sin_family = AF_INET;
63 saddr4->sin_port = htons(port);
64 if (addr)
65 memcpy(&saddr4->sin_addr, addr, sizeof(struct in_addr));
66 return;
67 }
68 if (sa_family == AF_INET6) {
69 struct sockaddr_in6* saddr6 = reinterpret_cast<sockaddr_in6*>(saddr);
70 saddr6->sin6_family = AF_INET6;
71 saddr6->sin6_port = htons(port);
72 if (addr)
73 memcpy(&saddr6->sin6_addr, addr, sizeof(struct in6_addr));
74 return;
75 }
76 LOG(ERROR) << "Invalid socket family " << sa_family;
77}
78
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]79} // namespace
80
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]81namespace patchpanel {
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]82
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]83MulticastForwarder::Socket::Socket(
84 base::ScopedFD fd,
85 sa_family_t sa_family,
86 const base::Callback<void(int, sa_family_t)>& callback)
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]87 : fd(std::move(fd)) {
88 watcher = base::FileDescriptorWatcher::WatchReadable(
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]89 Socket::fd.get(),
90 base::BindRepeating(callback, Socket::fd.get(), sa_family));
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]91}
92
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]93MulticastForwarder::MulticastForwarder(const std::string& lan_ifname,
94 uint32_t mcast_addr,
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]95 const std::string& mcast_addr6,
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]96 uint16_t port)
97 : lan_ifname_(lan_ifname), port_(port) {
98 mcast_addr_.s_addr = mcast_addr;
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]99 CHECK(inet_pton(AF_INET6, mcast_addr6.c_str(), mcast_addr6_.s6_addr));
100
101 base::ScopedFD lan_fd(Bind(AF_INET, lan_ifname_));
102 if (!lan_fd.is_valid()) {
103 LOG(WARNING) << "Could not bind socket on " << lan_ifname_ << " for "
104 << mcast_addr_ << ":" << port_;
105 }
106
107 base::ScopedFD lan_fd6(Bind(AF_INET6, lan_ifname_));
108 if (!lan_fd6.is_valid()) {
109 LOG(WARNING) << "Could not bind socket on " << lan_ifname_ << " for "
110 << mcast_addr6_ << ":" << port_;
111 }
112
113 lan_socket_.emplace(
114 AF_INET, new Socket(std::move(lan_fd), AF_INET,
115 base::BindRepeating(
116 &MulticastForwarder::OnFileCanReadWithoutBlocking,
117 base::Unretained(this))));
118
119 lan_socket_.emplace(
120 AF_INET6,
121 new Socket(
122 std::move(lan_fd6), AF_INET6,
123 base::BindRepeating(&MulticastForwarder::OnFileCanReadWithoutBlocking,
124 base::Unretained(this))));
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]125}
126
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]127base::ScopedFD MulticastForwarder::Bind(sa_family_t sa_family,
128 const std::string& ifname) {
129 char mcast_addr[INET6_ADDRSTRLEN];
130 inet_ntop(sa_family,
131 sa_family == AF_INET ? reinterpret_cast<const void*>(&mcast_addr_)
132 : reinterpret_cast<const void*>(&mcast_addr6_),
133 mcast_addr, INET6_ADDRSTRLEN);
134
135 base::ScopedFD fd(socket(sa_family, SOCK_DGRAM, 0));
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]136 if (!fd.is_valid()) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]137 PLOG(ERROR) << "socket() failed on " << ifname << " for " << mcast_addr
138 << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]139 return base::ScopedFD();
140 }
141
142 // The socket needs to be bound to INADDR_ANY rather than a specific
143 // interface, or it will not receive multicast traffic. Therefore
144 // we use SO_BINDTODEVICE to force TX from this interface, and
145 // specify the interface address in IP_ADD_MEMBERSHIP to control RX.
146 struct ifreq ifr;
147 memset(&ifr, 0, sizeof(ifr));
148 strncpy(ifr.ifr_name, ifname.c_str(), IFNAMSIZ);
149 if (setsockopt(fd.get(), SOL_SOCKET, SO_BINDTODEVICE, &ifr, sizeof(ifr))) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]150 PLOG(ERROR) << "setsockopt(SO_BINDTODEVICE) failed on " << ifname << " for "
151 << mcast_addr << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]152 return base::ScopedFD();
153 }
154
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]155 int ifindex = if_nametoindex(ifname.c_str());
156 if (ifindex == 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]157 PLOG(ERROR) << "Could not obtain interface index of " << ifname << " for "
158 << mcast_addr << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]159 return base::ScopedFD();
160 }
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]161
162 int level, optname;
163 if (sa_family == AF_INET) {
164 struct ip_mreqn mreqn;
165 memset(&mreqn, 0, sizeof(mreqn));
166 mreqn.imr_multiaddr = mcast_addr_;
167 mreqn.imr_address.s_addr = htonl(INADDR_ANY);
168 mreqn.imr_ifindex = ifindex;
169 if (setsockopt(fd.get(), IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreqn,
170 sizeof(mreqn)) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]171 PLOG(ERROR) << "Can't add IPv4 multicast membership for on " << ifname
172 << " for " << mcast_addr_ << ":" << port_;
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]173 return base::ScopedFD();
174 }
175
176 level = IPPROTO_IP;
177 optname = IP_MULTICAST_LOOP;
178 } else if (sa_family == AF_INET6) {
179 struct ipv6_mreq mreqn;
180 memset(&mreqn, 0, sizeof(mreqn));
181 mreqn.ipv6mr_multiaddr = mcast_addr6_;
182 mreqn.ipv6mr_interface = ifindex;
183 if (setsockopt(fd.get(), IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreqn,
184 sizeof(mreqn)) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]185 PLOG(ERROR) << "Can't add IPv6 multicast membership on " << ifname
186 << " for " << mcast_addr6_ << ":" << port_;
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]187 return base::ScopedFD();
188 }
189
190 level = IPPROTO_IPV6;
191 optname = IPV6_MULTICAST_LOOP;
192 } else {
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]193 return base::ScopedFD();
194 }
195
196 int off = 0;
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]197 if (setsockopt(fd.get(), level, optname, &off, sizeof(off))) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]198 PLOG(ERROR) << "setsockopt(IP_MULTICAST_LOOP) failed on " << ifname
199 << " for " << mcast_addr << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]200 return base::ScopedFD();
201 }
202
203 int on = 1;
204 if (setsockopt(fd.get(), SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]205 PLOG(ERROR) << "setsockopt(SO_REUSEADDR) failed on " << ifname << " for "
206 << mcast_addr << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]207 return base::ScopedFD();
208 }
209
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]210 struct sockaddr_storage bind_addr = {0};
211 SetSockaddr(&bind_addr, sa_family, port_, nullptr);
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]212
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]213 if (bind(fd.get(), (const struct sockaddr*)&bind_addr,
214 sizeof(struct sockaddr_storage)) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]215 PLOG(ERROR) << "bind(" << port_ << ") failed for on " << ifname << " for "
216 << mcast_addr << ":" << port_;
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]217 return base::ScopedFD();
218 }
219
220 return fd;
221}
222
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]223bool MulticastForwarder::AddGuest(const std::string& int_ifname) {
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]224 if (int_sockets_.find(std::make_pair(AF_INET, int_ifname)) !=
225 int_sockets_.end() ||
226 int_sockets_.find(std::make_pair(AF_INET6, int_ifname)) !=
227 int_sockets_.end()) {
Jason Jeremy Iman3f062ea2019-11-12 08:37:53 +0900[diff] [blame]228 LOG(WARNING) << "Forwarding is already started between " << lan_ifname_
229 << " and " << int_ifname;
230 return false;
231 }
232
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]233 bool success = false;
234
235 // Set up IPv4 multicast forwarder.
236 base::ScopedFD int_fd4(Bind(AF_INET, int_ifname));
237 if (int_fd4.is_valid()) {
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]238 int_fds_.emplace(std::make_pair(AF_INET, int_fd4.get()));
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]239
240 std::unique_ptr<Socket> int_socket4 = std::make_unique<Socket>(
241 std::move(int_fd4), AF_INET,
242 base::BindRepeating(&MulticastForwarder::OnFileCanReadWithoutBlocking,
243 base::Unretained(this)));
244
245 int_sockets_.emplace(std::make_pair(AF_INET, int_ifname),
246 std::move(int_socket4));
247
248 success = true;
249 LOG(INFO) << "Started IPv4 forwarding between " << lan_ifname_ << " and "
250 << int_ifname << " for " << mcast_addr_ << ":" << port_;
251 } else {
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]252 LOG(WARNING) << "Could not bind socket on " << int_ifname << " for "
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]253 << mcast_addr_ << ":" << port_;
Hugo Benichi935eca92018-07-03 13:47:24 +0900[diff] [blame]254 }
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]255
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]256 // Set up IPv6 multicast forwarder.
257 base::ScopedFD int_fd6(Bind(AF_INET6, int_ifname));
258 if (int_fd6.is_valid()) {
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]259 int_fds_.emplace(std::make_pair(AF_INET6, int_fd6.get()));
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]260
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]261 std::unique_ptr<Socket> int_socket6 = std::make_unique<Socket>(
262 std::move(int_fd6), AF_INET6,
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]263 base::BindRepeating(&MulticastForwarder::OnFileCanReadWithoutBlocking,
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]264 base::Unretained(this)));
265
266 int_sockets_.emplace(std::make_pair(AF_INET6, int_ifname),
267 std::move(int_socket6));
268
269 success = true;
270 LOG(INFO) << "Started IPv6 forwarding between " << lan_ifname_ << " and "
271 << int_ifname << " for " << mcast_addr6_ << ":" << port_;
272 } else {
273 LOG(WARNING) << "Could not bind socket on " << int_ifname << " for "
274 << mcast_addr6_ << ":" << port_;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]275 }
276
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]277 return success;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]278}
279
Jason Jeremy Imand89b5f52019-10-24 10:39:17 +0900[diff] [blame]280void MulticastForwarder::RemoveGuest(const std::string& int_ifname) {
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]281 const auto& socket4 = int_sockets_.find(std::make_pair(AF_INET, int_ifname));
282 if (socket4 != int_sockets_.end()) {
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]283 int_fds_.erase(std::make_pair(AF_INET, socket4->second->fd.get()));
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]284 int_sockets_.erase(socket4);
285 } else {
286 LOG(WARNING) << "IPv4 forwarding is not started between " << lan_ifname_
Jason Jeremy Iman3f062ea2019-11-12 08:37:53 +0900[diff] [blame]287 << " and " << int_ifname;
Jason Jeremy Imand89b5f52019-10-24 10:39:17 +0900[diff] [blame]288 }
289
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]290 const auto& socket6 = int_sockets_.find(std::make_pair(AF_INET6, int_ifname));
291 if (socket6 != int_sockets_.end()) {
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]292 int_fds_.erase(std::make_pair(AF_INET6, socket6->second->fd.get()));
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]293 int_sockets_.erase(socket6);
294 } else {
295 LOG(WARNING) << "IPv6 forwarding is not started between " << lan_ifname_
296 << " and " << int_ifname;
297 }
Jason Jeremy Imand89b5f52019-10-24 10:39:17 +0900[diff] [blame]298}
299
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]300void MulticastForwarder::OnFileCanReadWithoutBlocking(int fd,
301 sa_family_t sa_family) {
302 CHECK(sa_family == AF_INET || sa_family == AF_INET6);
Jason Jeremy Iman97ac56d2019-10-09 14:15:35 +0900[diff] [blame]303
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]304 char data[kBufSize];
305
306 struct sockaddr_storage fromaddr_storage = {0};
307 struct sockaddr* fromaddr =
308 reinterpret_cast<struct sockaddr*>(&fromaddr_storage);
309
310 socklen_t addrlen = sizeof(struct sockaddr_storage);
311
312 ssize_t len = recvfrom(fd, data, kBufSize, 0, fromaddr, &addrlen);
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]313 if (len < 0) {
Hugo Benichic4499672019-04-26 15:24:23 +0900[diff] [blame]314 PLOG(WARNING) << "recvfrom failed";
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]315 return;
Hugo Benichic4499672019-04-26 15:24:23 +0900[diff] [blame]316 }
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]317
318 socklen_t expectlen = sa_family == AF_INET ? sizeof(struct sockaddr_in)
319 : sizeof(struct sockaddr_in6);
320 if (addrlen != expectlen) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]321 LOG(WARNING) << "recvfrom failed: src addr length was " << addrlen
322 << " but expected " << expectlen;
Hugo Benichic4499672019-04-26 15:24:23 +0900[diff] [blame]323 return;
324 }
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]325
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]326 struct sockaddr_storage dst_storage = {0};
327 struct sockaddr* dst = reinterpret_cast<struct sockaddr*>(&dst_storage);
328 uint16_t src_port;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]329
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]330 if (sa_family == AF_INET) {
331 const struct sockaddr_in* addr4 =
332 reinterpret_cast<const struct sockaddr_in*>(fromaddr);
333 src_port = ntohs(addr4->sin_port);
334 } else if (sa_family == AF_INET6) {
335 const struct sockaddr_in6* addr6 =
336 reinterpret_cast<const struct sockaddr_in6*>(fromaddr);
337 src_port = ntohs(addr6->sin6_port);
338 }
339 SetSockaddr(&dst_storage, sa_family, port_,
340 sa_family == AF_INET ? reinterpret_cast<char*>(&mcast_addr_)
341 : reinterpret_cast<char*>(&mcast_addr6_));
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]342
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]343 // Forward ingress traffic to all guests.
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]344 const auto& lan_socket = lan_socket_.find(sa_family);
345 if ((lan_socket != lan_socket_.end() && fd == lan_socket->second->fd.get())) {
346 SendToGuests(data, len, dst, addrlen);
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]347 return;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]348 }
349
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]350 const auto& int_fd = int_fds_.find(std::make_pair(sa_family, fd));
351 if (int_fd == int_fds_.end() || lan_socket == lan_socket_.end())
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]352 return;
353
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]354 // Forward egress traffic from one guest to all other guests.
355 // No IP translation is required as other guests can route to each other
356 // behind the SNAT setup.
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]357 SendToGuests(data, len, dst, addrlen, fd);
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]358
359 // On mDNS, sending to physical network requires translating any IPv4
360 // address specific to the guest and not visible to the physical network.
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]361 if (sa_family == AF_INET && port_ == kMdnsPort) {
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]362 // TODO(b/132574450) The replacement address should instead be specified
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]363 // as an input argument, based on the properties of the network
364 // currently connected on |lan_ifname_|.
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]365 const struct in_addr lan_ip =
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]366 GetInterfaceIp(lan_socket->second->fd.get(), lan_ifname_);
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]367 if (lan_ip.s_addr == htonl(INADDR_ANY)) {
368 // When the physical interface has no IPv4 address, IPv4 is not
369 // provisioned and there is no point in trying to forward traffic in
370 // either direction.
371 return;
372 }
Jason Jeremy Iman51a94cc2020-03-06 14:36:23 +0900[diff] [blame]373 TranslateMdnsIp(
374 lan_ip, reinterpret_cast<const struct sockaddr_in*>(fromaddr)->sin_addr,
375 data, len);
Hidehiko Abede129222019-08-16 00:55:04 +0900[diff] [blame]376 }
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]377
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]378 // Forward egress traffic from one guest to outside network.
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]379 SendTo(src_port, data, len, dst, addrlen);
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]380}
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]381
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]382bool MulticastForwarder::SendTo(uint16_t src_port,
383 const void* data,
384 ssize_t len,
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]385 const struct sockaddr* dst,
386 socklen_t dst_len) {
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]387 if (src_port == port_) {
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]388 int lan_fd = lan_socket_.find(dst->sa_family)->second->fd.get();
389 if (sendto(lan_fd, data, len, 0, dst, dst_len) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]390 PLOG(WARNING) << "sendto " << *dst << " on " << lan_ifname_
391 << " from port " << src_port << " failed";
Jason Jeremy Iman6e8855f2019-10-09 12:12:38 +0900[diff] [blame]392 return false;
393 }
394 return true;
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]395 }
396
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]397 patchpanel::Socket temp_socket(dst->sa_family, SOCK_DGRAM);
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]398
399 struct ifreq ifr;
400 memset(&ifr, 0, sizeof(ifr));
401 strncpy(ifr.ifr_name, lan_ifname_.c_str(), IFNAMSIZ);
402 if (setsockopt(temp_socket.fd(), SOL_SOCKET, SO_BINDTODEVICE, &ifr,
403 sizeof(ifr))) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]404 PLOG(ERROR) << "setsockopt(SO_BINDTODEVICE) failed";
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]405 return false;
406 }
407
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]408 int level, optname;
409 struct sockaddr_storage bind_addr_storage = {0};
410 struct sockaddr* bind_addr = reinterpret_cast<sockaddr*>(&bind_addr_storage);
411 if (dst->sa_family == AF_INET) {
412 level = IPPROTO_IP;
413 optname = IP_MULTICAST_LOOP;
414 } else if (dst->sa_family == AF_INET6) {
415 level = IPPROTO_IPV6;
416 optname = IPV6_MULTICAST_LOOP;
417 } else {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]418 LOG(ERROR) << "Unexpected sa_family " << dst->sa_family;
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]419 return false;
420 }
421 SetSockaddr(&bind_addr_storage, dst->sa_family, src_port, nullptr);
422
Jason Jeremy Iman8fa749c2020-02-05 19:59:58 +0900[diff] [blame]423 int flag = 0;
424 if (setsockopt(temp_socket.fd(), level, optname, &flag, sizeof(flag))) {
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]425 PLOG(ERROR) << "setsockopt(IP_MULTICAST_LOOP) failed";
426 return false;
427 }
428
Jason Jeremy Iman8fa749c2020-02-05 19:59:58 +0900[diff] [blame]429 flag = 1;
430 if (setsockopt(temp_socket.fd(), SOL_SOCKET, SO_REUSEADDR, &flag,
431 sizeof(flag))) {
432 PLOG(ERROR) << "setsockopt(SO_REUSEADDR) failed";
433 return false;
434 }
435
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]436 if (!temp_socket.Bind(bind_addr, sizeof(struct sockaddr_storage)))
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]437 return false;
438
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]439 if (!temp_socket.SendTo(data, len, dst, dst_len)) {
440 PLOG(WARNING) << "sendto " << *dst << " on " << lan_ifname_ << " from port "
441 << src_port << " failed";
442 return false;
443 }
444 return true;
Kevin Cernekee95d4ae92016-06-19 10:26:29 -0700[diff] [blame]445}
446
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]447bool MulticastForwarder::SendToGuests(const void* data,
448 ssize_t len,
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]449 const struct sockaddr* dst,
450 socklen_t dst_len,
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]451 int ignore_fd) {
452 bool success = true;
453 for (const auto& socket : int_sockets_) {
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]454 if (socket.first.first != dst->sa_family)
455 continue;
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]456 int fd = socket.second->fd.get();
457 if (fd == ignore_fd)
458 continue;
459
460 // Use already created multicast fd.
Jason Jeremy Imand04ad282019-10-09 14:15:35 +0900[diff] [blame]461 if (sendto(fd, data, len, 0, dst, dst_len) < 0) {
Hugo Benichi3cfadbe2020-08-14 11:42:27 +0900[diff] [blame^]462 PLOG(WARNING) << "sendto " << socket.first.second << " failed";
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]463 success = false;
464 }
465 }
466 return success;
467}
468
Hugo Benichi1661ca02019-10-16 15:36:13 +0900[diff] [blame]469// static
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]470void MulticastForwarder::TranslateMdnsIp(const struct in_addr& lan_ip,
Hugo Benichi1661ca02019-10-16 15:36:13 +0900[diff] [blame]471 const struct in_addr& guest_ip,
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]472 char* data,
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]473 ssize_t len) {
Hugo Benichi1661ca02019-10-16 15:36:13 +0900[diff] [blame]474 if (guest_ip.s_addr == htonl(INADDR_ANY)) {
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]475 return;
476 }
477
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]478 // Make sure this is a valid, successful DNS response from the Android
479 // host.
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]480 if (len > net::dns_protocol::kMaxUDPSize || len <= 0) {
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]481 return;
482 }
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]483
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]484 net::DnsResponse resp;
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]485 memcpy(resp.io_buffer()->data(), data, len);
486 if (!resp.InitParseWithoutQuery(len) ||
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]487 !(resp.flags() & net::dns_protocol::kFlagResponse) ||
488 resp.rcode() != net::dns_protocol::kRcodeNOERROR) {
489 return;
490 }
491
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]492 // Check all A records for the internal IP, and replace it with |lan_ip|
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]493 // if it is found.
494 net::DnsRecordParser parser = resp.Parser();
495 while (!parser.AtEnd()) {
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]496 const size_t ipv4_addr_len = sizeof(lan_ip.s_addr);
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]497
498 net::DnsResourceRecord record;
Kevin Cernekee41fbbb72017-07-26 14:09:40 -0700[diff] [blame]499 if (!parser.ReadRecord(&record)) {
500 break;
501 }
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]502 if (record.type == net::dns_protocol::kTypeA &&
503 record.rdata.size() == ipv4_addr_len) {
Jason Jeremy Iman267a3372019-11-19 13:15:22 +0900[diff] [blame]504 struct in_addr rr_ip;
505 memcpy(&rr_ip, record.rdata.data(), ipv4_addr_len);
506 if (guest_ip.s_addr == rr_ip.s_addr) {
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]507 // HACK: This is able to calculate the (variable) offset of the IPv4
Jason Jeremy Imanf63bc652019-10-09 12:41:30 +0900[diff] [blame]508 // address inside the resource record by assuming that the
509 // StringPiece returns a pointer inside the io_buffer. It works
510 // today, but future libchrome changes might break it.
Jason Jeremy Iman267a3372019-11-19 13:15:22 +0900[diff] [blame]511 size_t ip_offset = record.rdata.data() - resp.io_buffer()->data();
Jason Jeremy Iman52933042019-10-09 11:53:34 +0900[diff] [blame]512 CHECK(ip_offset <= len - ipv4_addr_len);
Hugo Benichi5b37b1d2019-06-07 13:22:26 +0900[diff] [blame]513 memcpy(&data[ip_offset], &lan_ip.s_addr, ipv4_addr_len);
Kevin Cernekee73e09202017-06-17 20:55:09 -0700[diff] [blame]514 }
515 }
516 }
517}
518
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]519} // namespace patchpanel