Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / 992d7256bae651f116d4e32acff8e0c9517e6ee3 / . / patchpanel / datapath.h
blob: 80346d0df293bdaab7d9af60d75df3fea389f48c [file] [log] [blame]
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]1// Copyright 2019 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]5#ifndef PATCHPANEL_DATAPATH_H_
6#define PATCHPANEL_DATAPATH_H_
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]7
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]8#include <net/route.h>
Hugo Benichi33860d72020-07-09 16:34:01 +0900[diff] [blame]9#include <sys/types.h>
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]10
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]11#include <string>
12
13#include <base/macros.h>
14
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]15#include "patchpanel/mac_address_generator.h"
16#include "patchpanel/minijailed_process_runner.h"
17#include "patchpanel/subnet.h"
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]18
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]19namespace patchpanel {
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]20
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]21// cros lint will yell to force using int16/int64 instead of long here, however
22// note that unsigned long IS the correct signature for ioctl in Linux kernel -
23// it's 32 bits on 32-bit platform and 64 bits on 64-bit one.
24using ioctl_req_t = unsigned long;
25typedef int (*ioctl_t)(int, ioctl_req_t, ...);
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]26
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]27// Returns for given interface name the host name of a ARC veth pair.
Garrick Evans2f581a02020-05-11 10:43:35 +0900[diff] [blame]28std::string ArcVethHostName(const std::string& ifname);
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]29
Garrick Evans8a067562020-05-11 12:47:30 +0900[diff] [blame]30// Returns the ARC bridge interface name for the given interface.
31std::string ArcBridgeName(const std::string& ifname);
32
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]33// ARC networking data path configuration utility.
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]34// IPV4 addresses are always specified in singular dotted-form (a.b.c.d)
35// (not in CIDR representation
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]36class Datapath {
37 public:
38 // |process_runner| must not be null; it is not owned.
39 explicit Datapath(MinijailedProcessRunner* process_runner);
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]40 // Provided for testing only.
41 Datapath(MinijailedProcessRunner* process_runner, ioctl_t ioctl_hook);
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]42 virtual ~Datapath() = default;
43
Hugo Benichi33860d72020-07-09 16:34:01 +0900[diff] [blame]44 // Attaches the name |netns_name| to a network namespace identified by
45 // |netns_pid|. If |netns_name| had already been created, it will be deleted
46 // first.
47 virtual bool NetnsAttachName(const std::string& netns_name, pid_t netns_pid);
48
49 // Deletes the name |netns_name| of a network namespace.
50 virtual bool NetnsDeleteName(const std::string& netns_name);
51
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]52 virtual bool AddBridge(const std::string& ifname,
Garrick Evans7a1a9ee2020-01-28 11:03:57 +0900[diff] [blame]53 uint32_t ipv4_addr,
54 uint32_t ipv4_prefix_len);
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]55 virtual void RemoveBridge(const std::string& ifname);
56
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]57 virtual bool AddToBridge(const std::string& br_ifname,
58 const std::string& ifname);
59
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]60 // Adds a new TAP device.
61 // |name| may be empty, in which case a default device name will be used;
62 // it may be a template (e.g. vmtap%d), in which case the kernel will
63 // generate the name; or it may be fully defined. In all cases, upon success,
64 // the function returns the actual name of the interface.
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]65 // |mac_addr| and |ipv4_addr| should be null if this interface will be later
66 // bridged.
Garrick Evans4f9f5572019-11-26 10:25:16 +0900[diff] [blame]67 // If |user| is empty, no owner will be set
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]68 virtual std::string AddTAP(const std::string& name,
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]69 const MacAddress* mac_addr,
70 const SubnetAddress* ipv4_addr,
Garrick Evans4f9f5572019-11-26 10:25:16 +0900[diff] [blame]71 const std::string& user);
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]72
73 // |ifname| must be the actual name of the interface.
74 virtual void RemoveTAP(const std::string& ifname);
75
76 // The following are iptables methods.
77 // When specified, |ipv4_addr| is always singlar dotted-form (a.b.c.d)
78 // IPv4 address (not a CIDR representation).
79
Hugo Benichi76675592020-04-08 14:29:57 +0900[diff] [blame]80 // Creates a virtual interface pair split across the current namespace and the
81 // namespace corresponding to |pid|, and set up the remote interface
82 // |peer_ifname| according // to the given parameters.
83 virtual bool ConnectVethPair(pid_t pid,
Hugo Benichi33860d72020-07-09 16:34:01 +0900[diff] [blame]84 const std::string& netns_name,
Hugo Benichi76675592020-04-08 14:29:57 +0900[diff] [blame]85 const std::string& veth_ifname,
86 const std::string& peer_ifname,
87 const MacAddress& remote_mac_addr,
88 uint32_t remote_ipv4_addr,
89 uint32_t remote_ipv4_prefix_len,
90 bool remote_multicast_flag);
91
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]92 // Creates a virtual interface pair.
Hugo Benichi33860d72020-07-09 16:34:01 +0900[diff] [blame]93 virtual bool AddVirtualInterfacePair(const std::string& netns_ifname,
94 const std::string& veth_ifname,
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]95 const std::string& peer_ifname);
96
97 // Sets the link status.
98 virtual bool ToggleInterface(const std::string& ifname, bool up);
99
100 // Sets the configuration of an interface.
101 virtual bool ConfigureInterface(const std::string& ifname,
102 const MacAddress& mac_addr,
103 uint32_t ipv4_addr,
104 uint32_t ipv4_prefix_len,
105 bool up,
106 bool enable_multicast);
107
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]108 virtual void RemoveInterface(const std::string& ifname);
109
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]110 // Create (or delete) pre-routing rules allowing direct ingress on |ifname|
111 // to guest desintation |ipv4_addr|.
112 virtual bool AddInboundIPv4DNAT(const std::string& ifname,
113 const std::string& ipv4_addr);
114 virtual void RemoveInboundIPv4DNAT(const std::string& ifname,
115 const std::string& ipv4_addr);
116
117 // Create (or delete) a forwarding rule for |ifname|.
118 virtual bool AddOutboundIPv4(const std::string& ifname);
119 virtual void RemoveOutboundIPv4(const std::string& ifname);
120
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]121 // Creates (or deletes) the forwarding and postrouting rules for SNAT
122 // fwmarked IPv4 traffic.
123 virtual bool AddSNATMarkRules();
124 virtual void RemoveSNATMarkRules();
125
Garrick Evansff6e37f2020-05-25 10:54:47 +0900[diff] [blame]126 virtual bool AddInterfaceSNAT(const std::string& ifname);
127 virtual void RemoveInterfaceSNAT(const std::string& ifname);
128
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]129 // Create (or delete) a mangle PREROUTING rule for marking IPv4 traffic
130 // outgoing of |ifname| with the SNAT fwmark value 0x1.
131 // TODO(hugobenichi) Refer to RoutingService to obtain the fwmark value and
132 // add a fwmark mask in the generated rule.
133 virtual bool AddOutboundIPv4SNATMark(const std::string& ifname);
134 virtual void RemoveOutboundIPv4SNATMark(const std::string& ifname);
135
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]136 // Create (or delete) a forward rule for established connections.
137 virtual bool AddForwardEstablishedRule();
138 virtual void RemoveForwardEstablishedRule();
139
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]140 // Methods supporting IPv6 configuration for ARC.
Garrick Evans664a82f2019-12-17 12:18:05 +0900[diff] [blame]141 virtual bool MaskInterfaceFlags(const std::string& ifname,
142 uint16_t on,
143 uint16_t off = 0);
Garrick Evans260ff302019-07-25 11:22:50 +0900[diff] [blame]144
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]145 virtual bool AddIPv6Forwarding(const std::string& ifname1,
146 const std::string& ifname2);
147 virtual void RemoveIPv6Forwarding(const std::string& ifname1,
148 const std::string& ifname2);
149
Garrick Evans260ff302019-07-25 11:22:50 +0900[diff] [blame]150 virtual bool AddIPv6HostRoute(const std::string& ifname,
151 const std::string& ipv6_addr,
152 int ipv6_prefix_len);
153 virtual void RemoveIPv6HostRoute(const std::string& ifname,
154 const std::string& ipv6_addr,
155 int ipv6_prefix_len);
156
157 virtual bool AddIPv6Neighbor(const std::string& ifname,
158 const std::string& ipv6_addr);
159 virtual void RemoveIPv6Neighbor(const std::string& ifname,
160 const std::string& ipv6_addr);
161
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]162 // Adds (or deletes) a route to direct to |gateway_addr| the traffic destined
163 // to the subnet defined by |addr| and |netmask|.
Garrick Evans3d97a392020-02-21 15:24:37 +0900[diff] [blame]164 virtual bool AddIPv4Route(uint32_t gateway_addr,
165 uint32_t addr,
166 uint32_t netmask);
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]167 virtual bool DeleteIPv4Route(uint32_t gateway_addr,
168 uint32_t addr,
169 uint32_t netmask);
170 // Adds (or deletes) a route to direct to |ifname| the traffic destined to the
171 // subnet defined by |addr| and |netmask|.
172 virtual bool AddIPv4Route(const std::string& ifname,
173 uint32_t addr,
174 uint32_t netmask);
175 virtual bool DeleteIPv4Route(const std::string& ifname,
176 uint32_t addr,
177 uint32_t netmask);
Garrick Evans3d97a392020-02-21 15:24:37 +0900[diff] [blame]178
Garrick Evans260ff302019-07-25 11:22:50 +0900[diff] [blame]179 MinijailedProcessRunner& runner() const;
180
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]181 private:
182 MinijailedProcessRunner* process_runner_;
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]183 ioctl_t ioctl_;
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]184
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]185 bool ModifyRtentry(unsigned long op, struct rtentry* route);
186
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]187 DISALLOW_COPY_AND_ASSIGN(Datapath);
188};
189
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]190} // namespace patchpanel
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]191
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]192#endif // PATCHPANEL_DATAPATH_H_