net/sockopts,wgengine/magicsock: export socket buffer sizing logic (#16909)

For eventual use by net/udprelay.Server Updates tailscale/corp#31164 Signed-off-by: Jordan Whited <jordan@tailscale.com>
2025-12-27 04:46:40 +00:00 · 2025-08-20 16:24:00 -07:00
parent b48d2de6ab
commit 641a90ea33
11 changed files with 119 additions and 52 deletions
--- a/net/sockopts/sockopts.go
+++ b/net/sockopts/sockopts.go
@@ -0,0 +1,37 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+// Package sockopts contains logic for applying socket options.
+package sockopts
+
+import (
+	"net"
+	"runtime"
+
+	"tailscale.com/types/nettype"
+)
+
+// BufferDirection represents either the read/receive or write/send direction
+// of a socket buffer.
+type BufferDirection string
+
+const (
+	ReadDirection  BufferDirection = "read"
+	WriteDirection BufferDirection = "write"
+)
+
+func portableSetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) error {
+	if runtime.GOOS == "plan9" {
+		// Not supported. Don't try. Avoid logspam.
+		return nil
+	}
+	var err error
+	if c, ok := pconn.(*net.UDPConn); ok {
+		if direction == WriteDirection {
+			err = c.SetWriteBuffer(size)
+		} else {
+			err = c.SetReadBuffer(size)
+		}
+	}
+	return err
+}
--- a/net/sockopts/sockopts_default.go
+++ b/net/sockopts/sockopts_default.go
@@ -0,0 +1,21 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !linux
+
+package sockopts
+
+import (
+	"tailscale.com/types/nettype"
+)
+
+// SetBufferSize sets pconn's buffer to size for direction. size may be silently
+// capped depending on platform.
+//
+// errForce is only relevant for Linux, and will always be nil otherwise,
+// but we maintain a consistent cross-platform API.
+//
+// If pconn is not a [*net.UDPConn], then SetBufferSize is no-op.
+func SetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) (errForce error, errPortable error) {
+	return nil, portableSetBufferSize(pconn, direction, size)
+}
--- a/net/sockopts/sockopts_linux.go
+++ b/net/sockopts/sockopts_linux.go
@@ -0,0 +1,40 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build linux
+
+package sockopts
+
+import (
+	"net"
+	"syscall"
+
+	"tailscale.com/types/nettype"
+)
+
+// SetBufferSize sets pconn's buffer to size for direction. It attempts
+// (errForce) to set SO_SNDBUFFORCE or SO_RECVBUFFORCE which can overcome the
+// limit of net.core.{r,w}mem_max, but require CAP_NET_ADMIN. It falls back to
+// the portable implementation (errPortable) if that fails, which may be
+// silently capped to net.core.{r,w}mem_max.
+//
+// If pconn is not a [*net.UDPConn], then SetBufferSize is no-op.
+func SetBufferSize(pconn nettype.PacketConn, direction BufferDirection, size int) (errForce error, errPortable error) {
+	opt := syscall.SO_RCVBUFFORCE
+	if direction == WriteDirection {
+		opt = syscall.SO_SNDBUFFORCE
+	}
+	if c, ok := pconn.(*net.UDPConn); ok {
+		var rc syscall.RawConn
+		rc, errForce = c.SyscallConn()
+		if errForce == nil {
+			rc.Control(func(fd uintptr) {
+				errForce = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, opt, size)
+			})
+		}
+		if errForce != nil {
+			errPortable = portableSetBufferSize(pconn, direction, size)
+		}
+	}
+	return errForce, errPortable
+}
--- a/net/sockopts/sockopts_unix_test.go
+++ b/net/sockopts/sockopts_unix_test.go
@@ -0,0 +1,61 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build unix
+
+package sockopts
+
+import (
+	"net"
+	"syscall"
+	"testing"
+
+	"tailscale.com/types/nettype"
+)
+
+func TestSetBufferSize(t *testing.T) {
+	c, err := net.ListenPacket("udp", ":0")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer c.Close()
+
+	rc, err := c.(*net.UDPConn).SyscallConn()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	getBufs := func() (int, int) {
+		var rcv, snd int
+		rc.Control(func(fd uintptr) {
+			rcv, err = syscall.GetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_RCVBUF)
+			if err != nil {
+				t.Errorf("getsockopt(SO_RCVBUF): %v", err)
+			}
+			snd, err = syscall.GetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_SNDBUF)
+			if err != nil {
+				t.Errorf("getsockopt(SO_SNDBUF): %v", err)
+			}
+		})
+		return rcv, snd
+	}
+
+	curRcv, curSnd := getBufs()
+
+	SetBufferSize(c.(nettype.PacketConn), ReadDirection, 7<<20)
+	SetBufferSize(c.(nettype.PacketConn), WriteDirection, 7<<20)
+
+	newRcv, newSnd := getBufs()
+
+	if curRcv > newRcv {
+		t.Errorf("SO_RCVBUF decreased: %v -> %v", curRcv, newRcv)
+	}
+	if curSnd > newSnd {
+		t.Errorf("SO_SNDBUF decreased: %v -> %v", curSnd, newSnd)
+	}
+
+	// On many systems we may not increase the value, particularly running as a
+	// regular user, so log the information for manual verification.
+	t.Logf("SO_RCVBUF: %v -> %v", curRcv, newRcv)
+	t.Logf("SO_SNDBUF: %v -> %v", curRcv, newRcv)
+}