tailscale/wgengine/monitor/monitor_linux.go

// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// +build !android

package monitor

import (
	"fmt"
	"net"
	"time"

	"github.com/jsimonetti/rtnetlink"
	"github.com/mdlayher/netlink"
	"golang.org/x/sys/unix"
	"inet.af/netaddr"
	"tailscale.com/net/tsaddr"
	"tailscale.com/types/logger"
)

// unspecifiedMessage is a minimal message implementation that should not
// be ignored. In general, OS-specific implementations should use better
// types and avoid this if they can.
type unspecifiedMessage struct{}

func (unspecifiedMessage) ignore() bool { return false }

// nlConn wraps a *netlink.Conn and returns a monitor.Message
// instead of a netlink.Message. Currently, messages are discarded,
// but down the line, when messages trigger different logic depending
// on the type of event, this provides the capability of handling
// each architecture-specific message in a generic fashion.
type nlConn struct {
	logf     logger.Logf
	conn     *netlink.Conn
	buffered []netlink.Message
}

func newOSMon(logf logger.Logf) (osMon, error) {
	conn, err := netlink.Dial(unix.NETLINK_ROUTE, &netlink.Config{
		// IPv4 address and route changes. Routes get us most of the
		// events of interest, but we need address as well to cover
		// things like DHCP deciding to give us a new address upon
		// renewal - routing wouldn't change, but all reachability
		// would.
		Groups: unix.RTMGRP_IPV4_IFADDR | unix.RTMGRP_IPV4_ROUTE,
	})
	if err != nil {
		return nil, fmt.Errorf("dialing netlink socket: %v", err)
	}
	return &nlConn{logf: logf, conn: conn}, nil
}

func (c *nlConn) Close() error {
	c.conn.SetDeadline(time.Unix(0, 0)) // abort any Receive in flight
	return c.conn.Close()
}

func (c *nlConn) Receive() (message, error) {
	if len(c.buffered) == 0 {
		var err error
		c.buffered, err = c.conn.Receive()
		if err != nil {
			return nil, err
		}
		if len(c.buffered) == 0 {
			// Unexpected. Not seen in wild, but sleep defensively.
			time.Sleep(time.Second)
			return ignoreMessage{}, nil
		}
	}
	msg := c.buffered[0]
	c.buffered = c.buffered[1:]

	// See https://github.com/torvalds/linux/blob/master/include/uapi/linux/rtnetlink.h
	// And https://man7.org/linux/man-pages/man7/rtnetlink.7.html
	switch msg.Header.Type {
	case unix.RTM_NEWADDR, unix.RTM_DELADDR:
		var rmsg rtnetlink.AddressMessage
		if err := rmsg.UnmarshalBinary(msg.Data); err != nil {
			c.logf("failed to parse type 0x%x: %v", msg.Header.Type, err)
			return unspecifiedMessage{}, nil
		}
		return &newAddrMessage{
			Label:  rmsg.Attributes.Label,
			Addr:   netaddrIP(rmsg.Attributes.Local),
			Delete: msg.Header.Type == unix.RTM_DELADDR,
		}, nil
	case unix.RTM_NEWROUTE:
		var rmsg rtnetlink.RouteMessage
		if err := rmsg.UnmarshalBinary(msg.Data); err != nil {
			c.logf("RTM_NEWROUTE: failed to parse: %v", err)
			return unspecifiedMessage{}, nil
		}
		return &newRouteMessage{
			Table:   rmsg.Table,
			Src:     netaddrIP(rmsg.Attributes.Src),
			Dst:     netaddrIP(rmsg.Attributes.Dst),
			Gateway: netaddrIP(rmsg.Attributes.Gateway),
		}, nil
	default:
		c.logf("unhandled netlink msg type 0x%x: %+v, %q", msg.Header.Type, msg.Header, msg.Data)
		return unspecifiedMessage{}, nil
	}
}

func netaddrIP(std net.IP) netaddr.IP {
	ip, _ := netaddr.FromStdIP(std)
	return ip
}

// newRouteMessage is a message for a new route being added.
type newRouteMessage struct {
	Src, Dst, Gateway netaddr.IP
	Table             uint8
}

func (m *newRouteMessage) ignore() bool {
	return m.Table == 88 || tsaddr.IsTailscaleIP(m.Dst)
}

// newAddrMessage is a message for a new address being added.
type newAddrMessage struct {
	Delete bool
	Addr   netaddr.IP
	Label  string // netlink Label attribute (e.g. "tailscale0")
}

func (m *newAddrMessage) ignore() bool {
	return tsaddr.IsTailscaleIP(m.Addr)
}

type ignoreMessage struct{}

func (ignoreMessage) ignore() bool { return true }
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.`
			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`

wgengine/monitor: disable monitor on Android Netlink is not supported on Android. Signed-off-by: Elias Naur <mail@eliasnaur.com> 2020-04-24 15:23:32 +02:00			`// +build !android`

monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`package monitor`

			`import (`
			`"fmt"`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`"net"`
wgengine/monitor: make Close not block forever on Linux Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-02-17 11:28:07 -08:00			`"time"`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`"github.com/jsimonetti/rtnetlink"`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`"github.com/mdlayher/netlink"`
			`"golang.org/x/sys/unix"`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`"inet.af/netaddr"`
			`"tailscale.com/net/tsaddr"`
			`"tailscale.com/types/logger"`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`)`

wgengine: fix macos staticcheck errors (#557) Signed-off-by: Wendi <wendi.yu@yahoo.ca> 2020-07-14 17:28:02 -06:00			`// unspecifiedMessage is a minimal message implementation that should not`
			`// be ignored. In general, OS-specific implementations should use better`
			`// types and avoid this if they can.`
			`type unspecifiedMessage struct{}`

			`func (unspecifiedMessage) ignore() bool { return false }`

monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`// nlConn wraps a *netlink.Conn and returns a monitor.Message`
			`// instead of a netlink.Message. Currently, messages are discarded,`
			`// but down the line, when messages trigger different logic depending`
			`// on the type of event, this provides the capability of handling`
			`// each architecture-specific message in a generic fashion.`
			`type nlConn struct {`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`logf logger.Logf`
			`conn *netlink.Conn`
			`buffered []netlink.Message`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`}`

wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`func newOSMon(logf logger.Logf) (osMon, error) {`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`conn, err := netlink.Dial(unix.NETLINK_ROUTE, &netlink.Config{`
			`// IPv4 address and route changes. Routes get us most of the`
			`// events of interest, but we need address as well to cover`
			`// things like DHCP deciding to give us a new address upon`
			`// renewal - routing wouldn't change, but all reachability`
			`// would.`
wgengine/monitor: use RTMGRP_* consts from x/sys/unix Bump golang.org/x/sys/unix to get the RTMGRP_* consts and use them. Signed-off-by: Tobias Klauser <tklauser@distanz.ch> 2020-02-17 22:12:35 +01:00			`Groups: unix.RTMGRP_IPV4_IFADDR \| unix.RTMGRP_IPV4_ROUTE,`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`})`
			`if err != nil {`
			`return nil, fmt.Errorf("dialing netlink socket: %v", err)`
			`}`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`return &nlConn{logf: logf, conn: conn}, nil`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`}`

			`func (c *nlConn) Close() error {`
wgengine/monitor: make Close not block forever on Linux Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-02-17 11:28:07 -08:00			`c.conn.SetDeadline(time.Unix(0, 0)) // abort any Receive in flight`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`return c.conn.Close()`
			`}`

wgengine: move link monitor to be owned by the engine, not the router And make the monitor package portable with no-op implementations on unsupported operating systems. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-02-17 09:00:38 -08:00			`func (c *nlConn) Receive() (message, error) {`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`if len(c.buffered) == 0 {`
			`var err error`
			`c.buffered, err = c.conn.Receive()`
			`if err != nil {`
			`return nil, err`
			`}`
			`if len(c.buffered) == 0 {`
			`// Unexpected. Not seen in wild, but sleep defensively.`
			`time.Sleep(time.Second)`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`return ignoreMessage{}, nil`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}`
			`}`
			`msg := c.buffered[0]`
			`c.buffered = c.buffered[1:]`

			`// See https://github.com/torvalds/linux/blob/master/include/uapi/linux/rtnetlink.h`
			`// And https://man7.org/linux/man-pages/man7/rtnetlink.7.html`
			`switch msg.Header.Type {`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`case unix.RTM_NEWADDR, unix.RTM_DELADDR:`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`var rmsg rtnetlink.AddressMessage`
			`if err := rmsg.UnmarshalBinary(msg.Data); err != nil {`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`c.logf("failed to parse type 0x%x: %v", msg.Header.Type, err)`
			`return unspecifiedMessage{}, nil`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}`
			`return &newAddrMessage{`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`Label: rmsg.Attributes.Label,`
			`Addr: netaddrIP(rmsg.Attributes.Local),`
			`Delete: msg.Header.Type == unix.RTM_DELADDR,`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}, nil`
			`case unix.RTM_NEWROUTE:`
			`var rmsg rtnetlink.RouteMessage`
			`if err := rmsg.UnmarshalBinary(msg.Data); err != nil {`
			`c.logf("RTM_NEWROUTE: failed to parse: %v", err)`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`return unspecifiedMessage{}, nil`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}`
			`return &newRouteMessage{`
			`Table: rmsg.Table,`
			`Src: netaddrIP(rmsg.Attributes.Src),`
			`Dst: netaddrIP(rmsg.Attributes.Dst),`
			`Gateway: netaddrIP(rmsg.Attributes.Gateway),`
			`}, nil`
			`default:`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`c.logf("unhandled netlink msg type 0x%x: %+v, %q", msg.Header.Type, msg.Header, msg.Data)`
wgengine/monitor: fix crash on Linux on type 21 messages Fixes #532 2020-07-07 10:44:54 -07:00			`return unspecifiedMessage{}, nil`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`}`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}`

			`func netaddrIP(std net.IP) netaddr.IP {`
			`ip, _ := netaddr.FromStdIP(std)`
			`return ip`
			`}`

			`// newRouteMessage is a message for a new route being added.`
			`type newRouteMessage struct {`
			`Src, Dst, Gateway netaddr.IP`
			`Table uint8`
			`}`

			`func (m *newRouteMessage) ignore() bool {`
			`return m.Table == 88 \|\| tsaddr.IsTailscaleIP(m.Dst)`
			`}`

			`// newAddrMessage is a message for a new address being added.`
			`type newAddrMessage struct {`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00			`Delete bool`
			`Addr netaddr.IP`
			`Label string // netlink Label attribute (e.g. "tailscale0")`
wgengine/monitor: parse Linux netlink messages, ignore our own events Fixes tailscale/corp#412 ("flood of link change events at start-up") Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> 2020-07-06 16:36:57 -07:00			`}`

			`func (m *newAddrMessage) ignore() bool {`
			`return tsaddr.IsTailscaleIP(m.Addr)`
monitor: refactor for architecture-specific connection implementations Signed-off-by: wardn <wardn@users.noreply.github.com> 2020-02-12 12:53:55 -08:00			`}`
wgengine/monitor: fix other potential crashes on Linux Never return "nil, nil" anymore. The caller expected a usable interface now. I missed some of these earlier. Also, handle address deletion now. Updates #532 2020-07-07 11:07:12 -07:00
			`type ignoreMessage struct{}`

			`func (ignoreMessage) ignore() bool { return true }`