wgengine/router: rely on events for deleted IP rules (#16744)

Adds the eventbus to the router subsystem. The event is currently only used on linux. Also includes facilities to inject events into the bus. Updates #15160 Signed-off-by: Claus Lensbøl <claus@tailscale.com>
2025-08-14 15:07:55 +00:00 · 2025-08-05 08:31:51 -04:00
parent b0018f1e7d
commit 5bb42e3018
15 changed files with 132 additions and 82 deletions
--- a/net/netmon/netmon.go
+++ b/net/netmon/netmon.go
@@ -66,7 +66,6 @@ type Monitor struct {

 	mu         sync.Mutex // guards all following fields
 	cbs        set.HandleSet[ChangeFunc]
-	ruleDelCB  set.HandleSet[RuleDeleteCallback]
 	ifState    *State
 	gwValid    bool       // whether gw and gwSelfIP are valid
 	gw         netip.Addr // our gateway's IP
@@ -224,29 +223,6 @@ func (m *Monitor) RegisterChangeCallback(callback ChangeFunc) (unregister func()
 	}
 }

-// RuleDeleteCallback is a callback when a Linux IP policy routing
-// rule is deleted. The table is the table number (52, 253, 354) and
-// priority is the priority order number (for Tailscale rules
-// currently: 5210, 5230, 5250, 5270)
-type RuleDeleteCallback func(table uint8, priority uint32)
-
-// RegisterRuleDeleteCallback adds callback to the set of parties to be
-// notified (in their own goroutine) when a Linux ip rule is deleted.
-// To remove this callback, call unregister (or close the monitor).
-func (m *Monitor) RegisterRuleDeleteCallback(callback RuleDeleteCallback) (unregister func()) {
-	if m.static {
-		return func() {}
-	}
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	handle := m.ruleDelCB.Add(callback)
-	return func() {
-		m.mu.Lock()
-		defer m.mu.Unlock()
-		delete(m.ruleDelCB, handle)
-	}
-}
-
 // Start starts the monitor.
 // A monitor can only be started & closed once.
 func (m *Monitor) Start() {
@@ -359,10 +335,6 @@ func (m *Monitor) pump() {
 			time.Sleep(time.Second)
 			continue
 		}
-		if rdm, ok := msg.(ipRuleDeletedMessage); ok {
-			m.notifyRuleDeleted(rdm)
-			continue
-		}
 		if msg.ignore() {
 			continue
 		}
@@ -370,14 +342,6 @@ func (m *Monitor) pump() {
 	}
 }

-func (m *Monitor) notifyRuleDeleted(rdm ipRuleDeletedMessage) {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	for _, cb := range m.ruleDelCB {
-		go cb(rdm.table, rdm.priority)
-	}
-}
-
 // isInterestingInterface reports whether the provided interface should be
 // considered when checking for network state changes.
 // The ips parameter should be the IPs of the provided interface.
@@ -624,10 +588,3 @@ func (m *Monitor) checkWallTimeAdvanceLocked() bool {
 func (m *Monitor) resetTimeJumpedLocked() {
 	m.timeJumped = false
 }
-
-type ipRuleDeletedMessage struct {
-	table    uint8
-	priority uint32
-}
-
-func (ipRuleDeletedMessage) ignore() bool { return true }
--- a/net/netmon/netmon_linux.go
+++ b/net/netmon/netmon_linux.go
@@ -241,18 +241,15 @@ func (c *nlConn) Receive() (message, error) {
 			// On `ip -4 rule del pref 5210 table main`, logs:
 			// monitor: ip rule deleted: {Family:2 DstLength:0 SrcLength:0 Tos:0 Table:254 Protocol:0 Scope:0 Type:1 Flags:0 Attributes:{Dst:<nil> Src:<nil> Gateway:<nil> OutIface:0 Priority:5210 Table:254 Mark:4294967295 Expires:<nil> Metrics:<nil> Multipath:[]}}
 		}
-		c.rulesDeleted.Publish(RuleDeleted{
+		rd := RuleDeleted{
 			Table:    rmsg.Table,
 			Priority: rmsg.Attributes.Priority,
-		})
-		rdm := ipRuleDeletedMessage{
-			table:    rmsg.Table,
-			priority: rmsg.Attributes.Priority,
 		}
+		c.rulesDeleted.Publish(rd)
 		if debugNetlinkMessages() {
-			c.logf("%+v", rdm)
+			c.logf("%+v", rd)
 		}
-		return rdm, nil
+		return ignoreMessage{}, nil
 	case unix.RTM_NEWLINK, unix.RTM_DELLINK:
 		// This is an unhandled message, but don't print an error.
 		// See https://github.com/tailscale/tailscale/issues/6806