| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 |
- //go:build linux && !android
- package tun
- import (
- "github.com/vishvananda/netlink"
- "golang.org/x/sys/unix"
- "gvisor.dev/gvisor/pkg/tcpip/link/fdbased"
- "gvisor.dev/gvisor/pkg/tcpip/stack"
- )
- // LinuxTun is an object that handles tun network interface on linux
- // current version is heavily stripped to do nothing more,
- // then create a network interface, to be provided as file descriptor to gVisor ip stack
- type LinuxTun struct {
- tunFd int
- tunLink netlink.Link
- options TunOptions
- }
- // LinuxTun implements Tun
- var _ Tun = (*LinuxTun)(nil)
- // LinuxTun implements GVisorTun
- var _ GVisorTun = (*LinuxTun)(nil)
- // NewTun builds new tun interface handler (linux specific)
- func NewTun(options TunOptions) (Tun, error) {
- tunFd, err := open(options.Name)
- if err != nil {
- return nil, err
- }
- tunLink, err := setup(options.Name, int(options.MTU))
- if err != nil {
- _ = unix.Close(tunFd)
- return nil, err
- }
- linuxTun := &LinuxTun{
- tunFd: tunFd,
- tunLink: tunLink,
- options: options,
- }
- return linuxTun, nil
- }
- // open the file that implements tun interface in the OS
- func open(name string) (int, error) {
- fd, err := unix.Open("/dev/net/tun", unix.O_RDWR, 0)
- if err != nil {
- return -1, err
- }
- ifr, err := unix.NewIfreq(name)
- if err != nil {
- _ = unix.Close(fd)
- return 0, err
- }
- flags := unix.IFF_TUN | unix.IFF_NO_PI
- ifr.SetUint16(uint16(flags))
- err = unix.IoctlIfreq(fd, unix.TUNSETIFF, ifr)
- if err != nil {
- _ = unix.Close(fd)
- return 0, err
- }
- err = unix.SetNonblock(fd, true)
- if err != nil {
- _ = unix.Close(fd)
- return 0, err
- }
- return fd, nil
- }
- // setup the interface through netlink socket
- func setup(name string, MTU int) (netlink.Link, error) {
- tunLink, err := netlink.LinkByName(name)
- if err != nil {
- return nil, err
- }
- err = netlink.LinkSetMTU(tunLink, MTU)
- if err != nil {
- _ = netlink.LinkSetDown(tunLink)
- return nil, err
- }
- return tunLink, nil
- }
- // Start is called by handler to bring tun interface to life
- func (t *LinuxTun) Start() error {
- err := netlink.LinkSetUp(t.tunLink)
- if err != nil {
- return err
- }
- return nil
- }
- // Close is called to shut down the tun interface
- func (t *LinuxTun) Close() error {
- _ = netlink.LinkSetDown(t.tunLink)
- _ = unix.Close(t.tunFd)
- return nil
- }
- // newEndpoint builds new gVisor stack.LinkEndpoint from the tun interface file descriptor
- func (t *LinuxTun) newEndpoint() (stack.LinkEndpoint, error) {
- return fdbased.New(&fdbased.Options{
- FDs: []int{t.tunFd},
- MTU: t.options.MTU,
- RXChecksumOffload: true,
- })
- }
|
