commit 5dafb0e92cef0e60fa83a8056f59fc93f5bfd572
author Hungming Chen <nuccachen@google.com> Wed Nov 24 20:19:43 2021 +0800
committer Hungming Chen <nuccachen@google.com> Thu Dec 30 22:54:35 2021 +0800
tree 31c5bf547bd640a7fce8fd6f515be7b1f8df2090
parent 06367f38702a763777652aff8f2ac50c57772dbb

[RFCLAT#3] Move the tun interface setup from clatd to netd

This is a preparation for reducing the clatd required capability.

Function change:
- configure_tun_ip(), detect_mtu() are moved to netd/ClatdController
- move Clatd_Config.ipv4_local_subnet setup from configure_tun_ip() to
  main() because configure_tun_ip() is removed. translate.c needs
  the clat IPv4 address for 4->6, 6>->4 address translation.

Bug: 212345928
Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
   $ ping 8.8.8.8

Change-Id: Ibf80b17865f414f329ab7c50836595f3b99360e2

clatd.c

diff --git a/clatd.c b/clatd.c
index 6a0a0d8..865a568 100644
--- a/clatd.c
+++ b/clatd.c
@@ -104,37 +104,6 @@
   return 1;
 }
 
-/* function: configure_tun_ip
- * configures the ipv4 and ipv6 addresses on the tunnel interface
- *   tunnel - tun device data
- *   mtu    - mtu of tun device
- */
-void configure_tun_ip(const struct tun_data *tunnel, const char *v4_addr, int mtu) {
-  if (!v4_addr || !inet_pton(AF_INET, v4_addr, &Global_Clatd_Config.ipv4_local_subnet.s_addr)) {
-    logmsg(ANDROID_LOG_FATAL, "Invalid IPv4 address %s", v4_addr);
-    exit(1);
-  }
-
-  char addrstr[INET_ADDRSTRLEN];
-  inet_ntop(AF_INET, &Global_Clatd_Config.ipv4_local_subnet, addrstr, sizeof(addrstr));
-  logmsg(ANDROID_LOG_INFO, "Using IPv4 address %s on %s", addrstr, tunnel->device4);
-
-  // Configure the interface before bringing it up. As soon as we bring the interface up, the
-  // framework will be notified and will assume the interface's configuration has been finalized.
-  int status = add_address(tunnel->device4, AF_INET, &Global_Clatd_Config.ipv4_local_subnet, 32,
-                           &Global_Clatd_Config.ipv4_local_subnet);
-  if (status < 0) {
-    logmsg(ANDROID_LOG_FATAL, "configure_tun_ip/if_address(4) failed: %s", strerror(-status));
-    exit(1);
-  }
-
-  status = if_up(tunnel->device4, mtu);
-  if (status < 0) {
-    logmsg(ANDROID_LOG_FATAL, "configure_tun_ip/if_up(4) failed: %s", strerror(-status));
-    exit(1);
-  }
-}
-
 /* function: set_capability
  * set the permitted, effective and inheritable capabilities of the current
  * thread
@@ -230,76 +199,21 @@
   return 1;
 }
 
-int detect_mtu(const struct in6_addr *plat_subnet, uint32_t plat_suffix, uint32_t mark) {
-  // Create an IPv6 UDP socket.
-  int s = socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
-  if (s < 0) {
-    logmsg(ANDROID_LOG_FATAL, "socket(AF_INET6, SOCK_DGRAM, 0) failed");
-    exit(1);
-  }
-
-  // Socket's mark affects routing decisions (network selection)
-  if ((mark != MARK_UNSET) && setsockopt(s, SOL_SOCKET, SO_MARK, &mark, sizeof(mark))) {
-    logmsg(ANDROID_LOG_FATAL, "setsockopt(SOL_SOCKET, SO_MARK) failed: %s", strerror(errno));
-    exit(1);
-  }
-
-  // Try to connect udp socket to plat_subnet(96 bits):plat_suffix(32 bits)
-  struct sockaddr_in6 dst = {
-    .sin6_family = AF_INET6,
-    .sin6_addr   = *plat_subnet,
-  };
-  dst.sin6_addr.s6_addr32[3] = plat_suffix;
-  if (connect(s, (struct sockaddr *)&dst, sizeof(dst))) {
-    logmsg(ANDROID_LOG_FATAL, "connect() failed: %s", strerror(errno));
-    exit(1);
-  }
-
-  // Fetch the socket's IPv6 mtu - this is effectively fetching mtu from routing table
-  int mtu;
-  socklen_t sz_mtu = sizeof(mtu);
-  if (getsockopt(s, SOL_IPV6, IPV6_MTU, &mtu, &sz_mtu)) {
-    logmsg(ANDROID_LOG_FATAL, "getsockopt(SOL_IPV6, IPV6_MTU) failed: %s", strerror(errno));
-    exit(1);
-  }
-  if (sz_mtu != sizeof(mtu)) {
-    logmsg(ANDROID_LOG_FATAL, "getsockopt(SOL_IPV6, IPV6_MTU) returned unexpected size: %d",
-           sz_mtu);
-    exit(1);
-  }
-  close(s);
-
-  return mtu;
-}
-
 /* function: configure_interface
  * reads the configuration and applies it to the interface
  *   uplink_interface - network interface to use to reach the ipv6 internet
  *   plat_prefix      - PLAT prefix to use
- *   v4_addr          - the v4 address to use on the tunnel interface
  *   v6_addr          - the v6 address to use on the native interface
  *   tunnel           - tun device data
- *   mark             - the socket mark to use for the sending raw socket
  */
-void configure_interface(const char *uplink_interface, const char *plat_prefix, const char *v4_addr,
-                         const char *v6_addr, struct tun_data *tunnel, uint32_t mark) {
+void configure_interface(const char *uplink_interface, const char *plat_prefix, const char *v6_addr,
+                         struct tun_data *tunnel) {
   Global_Clatd_Config.native_ipv6_interface = uplink_interface;
   if (!plat_prefix || inet_pton(AF_INET6, plat_prefix, &Global_Clatd_Config.plat_subnet) <= 0) {
     logmsg(ANDROID_LOG_FATAL, "invalid IPv6 address specified for plat prefix: %s", plat_prefix);
     exit(1);
   }
 
-  int mtu = detect_mtu(&Global_Clatd_Config.plat_subnet, htonl(0x08080808), mark);
-  // clamp to minimum ipv6 mtu - this probably cannot ever trigger
-  if (mtu < 1280) mtu = 1280;
-  // clamp to buffer size
-  if (mtu > MAXMTU) mtu = MAXMTU;
-  // decrease by ipv6(40) + ipv6 fragmentation header(8) vs ipv4(20) overhead of 28 bytes
-  mtu -= MTU_DELTA;
-  logmsg(ANDROID_LOG_WARN, "ipv4 mtu is %d", mtu);
-
-  configure_tun_ip(tunnel, v4_addr, mtu);
-
   if (!configure_clat_ipv6_address(tunnel, uplink_interface, v6_addr)) {
     exit(1);
   }

clatd.h

diff --git a/clatd.h b/clatd.h
index 21f3c95..a42768c 100644
--- a/clatd.h
+++ b/clatd.h
@@ -38,15 +38,13 @@
 
 extern volatile sig_atomic_t running;
 
-void configure_tun_ip(const struct tun_data *tunnel, const char *v4_addr, int mtu);
 void set_capability(uint64_t target_cap);
 void drop_root_and_caps();
 int ipv6_address_changed(const char *interface);
 int configure_clat_ipv6_address(const struct tun_data *tunnel, const char *interface,
                                 const char *src_addr);
-int detect_mtu(const struct in6_addr *plat_subnet, uint32_t plat_suffix, uint32_t mark);
-void configure_interface(const char *uplink_interface, const char *plat_prefix, const char *v4_addr,
-                         const char *v6, struct tun_data *tunnel, uint32_t mark);
+void configure_interface(const char *uplink_interface, const char *plat_prefix, const char *v6,
+                         struct tun_data *tunnel);
 void event_loop(struct tun_data *tunnel);
 
 /* function: parse_int

main.c

diff --git a/main.c b/main.c
index 96fbd0d..fe88dfd 100644
--- a/main.c
+++ b/main.c
@@ -145,12 +145,17 @@
     exit(1);
   }
 
+  if (!v4_addr || !inet_pton(AF_INET, v4_addr, &Global_Clatd_Config.ipv4_local_subnet.s_addr)) {
+    logmsg(ANDROID_LOG_FATAL, "Invalid IPv4 address %s", v4_addr);
+    exit(1);
+  }
+
   logmsg(ANDROID_LOG_INFO, "Starting clat version %s on %s mark=%s plat=%s v4=%s v6=%s",
          CLATD_VERSION, uplink_interface, mark_str ? mark_str : "(none)",
          plat_prefix ? plat_prefix : "(none)", v4_addr ? v4_addr : "(none)",
          v6_addr ? v6_addr : "(none)");
 
-  configure_interface(uplink_interface, plat_prefix, v4_addr, v6_addr, &tunnel, mark);
+  configure_interface(uplink_interface, plat_prefix, v6_addr, &tunnel);
 
   // run under a regular user with no capabilities
   drop_root_and_caps();