[RFCLAT#1] Move the raw socket creation from clatd to netd
This is a preparation for reducing the clatd required capability.
Function change:
Opening raw socket in open_sockets() is moved to ClatdController
Argument change:
-w [write socket file descriptor number] (added)
Test: manual test
1. Connect to ipv6-only wifi.
2. Try some IPv4 traffic.
$ ping 8.8.8.8
Change-Id: I9b4ea3de76dffd98cbab37c4091ad1a7e688dbc2
diff --git a/clatd.c b/clatd.c
index 7ec3454..4a34bf3 100644
--- a/clatd.c
+++ b/clatd.c
@@ -182,19 +182,7 @@
* tunnel - tun device data
* mark - the socket mark to use for the sending raw socket
*/
-void open_sockets(struct tun_data *tunnel, uint32_t mark) {
- int rawsock = socket(AF_INET6, SOCK_RAW | SOCK_NONBLOCK | SOCK_CLOEXEC, IPPROTO_RAW);
- if (rawsock < 0) {
- logmsg(ANDROID_LOG_FATAL, "raw socket failed: %s", strerror(errno));
- exit(1);
- }
-
- if (mark != MARK_UNSET && setsockopt(rawsock, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0) {
- logmsg(ANDROID_LOG_ERROR, "could not set mark on raw socket: %s", strerror(errno));
- }
-
- tunnel->write_fd6 = rawsock;
-
+void open_sockets(struct tun_data *tunnel) {
// Will eventually be bound to htons(ETH_P_IPV6) protocol,
// but only after appropriate bpf filter is attached.
tunnel->read_fd6 = socket(AF_PACKET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
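Review bot: The header comment kept as context above `open_sockets` still lists `mark - the socket mark to use for the sending raw socket`, a parameter this change removes, so the documentation no longer matches the signature. Drop that line and add one stating the new contract, for example `tunnel->write_fd6 must already hold the raw IPv6 socket passed in by the caller (-w)`. The removed code also applied `SO_MARK` to the raw socket. This diff does not show the creating side, so it is worth confirming the mark is now set there before the descriptor is handed over. The body of `open_sockets` continues outside the hunk.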
diff --git a/clatd.h b/clatd.h
index 75ffea3..6907829 100644
--- a/clatd.h
+++ b/clatd.h
@@ -41,7 +41,7 @@
void configure_tun_ip(const struct tun_data *tunnel, const char *v4_addr, int mtu);
void set_capability(uint64_t target_cap);
void drop_root_and_caps();
-void open_sockets(struct tun_data *tunnel, uint32_t mark);
+void open_sockets(struct tun_data *tunnel);
int ipv6_address_changed(const char *interface);
int configure_clat_ipv6_address(const struct tun_data *tunnel, const char *interface,
const char *src_addr);
diff --git a/main.c b/main.c
index d452985..e4f7356 100644
--- a/main.c
+++ b/main.c
@@ -51,6 +51,7 @@
printf("-6 [IPv6 address]\n");
printf("-m [socket mark]\n");
printf("-t [tun file descriptor number]\n");
+ printf("-w [write socket descriptor number]\n");
}
/* function: main
@@ -60,11 +61,11 @@
struct tun_data tunnel;
int opt;
char *uplink_interface = NULL, *plat_prefix = NULL, *mark_str = NULL;
- char *v4_addr = NULL, *v6_addr = NULL, *tunfd_str = NULL;
+ char *v4_addr = NULL, *v6_addr = NULL, *tunfd_str = NULL, *write_sock_str = NULL;
uint32_t mark = MARK_UNSET;
unsigned len;
- while ((opt = getopt(argc, argv, "i:p:4:6:m:t:h")) != -1) {
+ while ((opt = getopt(argc, argv, "i:p:4:6:m:t:w:h")) != -1) {
switch (opt) {
case 'i':
uplink_interface = optarg;
@@ -84,6 +85,9 @@
case 't':
tunfd_str = optarg;
break;
+ case 'w':
+ write_sock_str = optarg;
+ break;
case 'h':
print_help();
exit(0);
@@ -112,6 +116,15 @@
exit(1);
}
+ if (write_sock_str != NULL && !parse_int(write_sock_str, &tunnel.write_fd6)) {
+ logmsg(ANDROID_LOG_FATAL, "invalid sock_write %s", write_sock_str);
+ exit(1);
+ }
+ if (!tunnel.write_fd6) {
+ logmsg(ANDROID_LOG_FATAL, "no write_fd6 specified on commandline.");
+ exit(1);
+ }
+
len = snprintf(tunnel.device4, sizeof(tunnel.device4), "%s%s", DEVICEPREFIX, uplink_interface);
if (len >= sizeof(tunnel.device4)) {
logmsg(ANDROID_LOG_FATAL, "interface name too long '%s'", tunnel.device4);
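Review bot: The `if (!tunnel.write_fd6)` check reads a field that nothing visible has set when `-w` is omitted, because `parse_int` only runs when `write_sock_str != NULL` and `tunnel` is declared without an initializer. Unless the struct is zeroed outside these hunks, the test reads an indeterminate value and the daemon may continue with an arbitrary descriptor number. Testing the option itself is safer: `if (write_sock_str == NULL) {`. Because the descriptor is now inherited rather than created here, the parse check could also reject negative values (`|| tunnel.write_fd6 < 0`). A `fcntl(tunnel.write_fd6, F_GETFD)` probe would confirm that the number refers to an open descriptor before privileges are dropped. The body of `main` continues outside the hunk.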
@@ -124,7 +137,7 @@
v6_addr ? v6_addr : "(none)");
// open our raw sockets before dropping privs
- open_sockets(&tunnel, mark);
+ open_sockets(&tunnel);
configure_interface(uplink_interface, plat_prefix, v4_addr, v6_addr, &tunnel, mark);