From 66664b316761c89de62f043dbe4608d84634c113 Mon Sep 17 00:00:00 2001
From: David Anderson <dave@tailscale.com>
Date: Wed, 19 Mar 2025 10:47:25 -0700
Subject: [PATCH] wgengine/router: default to a fake router on android

The regular android app constructs its own wgengine with
additional FFI shims, so this default codepath only affects
other handcrafted buids like tsnet, which do not let the
caller customize the innards of wgengine.

Android >=14 forbids the use of netlink sockets, which makes
the standard linux router fail to initialize.

Fixes #9836

Signed-off-by: David Anderson <dave@tailscale.com>
---
 wgengine/router/router_android.go | 29 +++++++++++++++++++++++++++++
 wgengine/router/router_linux.go   |  2 ++
 2 files changed, 31 insertions(+)
 create mode 100644 wgengine/router/router_android.go

diff --git a/wgengine/router/router_android.go b/wgengine/router/router_android.go
new file mode 100644
index 000000000..deeccda4a
--- /dev/null
+++ b/wgengine/router/router_android.go
@@ -0,0 +1,29 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build android
+
+package router
+
+import (
+	"github.com/tailscale/wireguard-go/tun"
+	"tailscale.com/health"
+	"tailscale.com/net/netmon"
+	"tailscale.com/types/logger"
+)
+
+func newUserspaceRouter(logf logger.Logf, tunDev tun.Device, netMon *netmon.Monitor, health *health.Tracker) (Router, error) {
+	// Note, this codepath is _not_ used when building the android app
+	// from github.com/tailscale/tailscale-android. The android app
+	// constructs its own wgengine with a custom router implementation
+	// that plugs into Android networking APIs.
+	//
+	// In practice, the only place this fake router gets used is when
+	// you build a tsnet app for android, in which case we don't want
+	// to touch the OS network stack and a no-op router is correct.
+	return NewFake(logf), nil
+}
+
+func cleanUp(logf logger.Logf, interfaceName string) {
+	// Nothing to do here.
+}
diff --git a/wgengine/router/router_linux.go b/wgengine/router/router_linux.go
index 80191b248..adc54c88d 100644
--- a/wgengine/router/router_linux.go
+++ b/wgengine/router/router_linux.go
@@ -1,6 +1,8 @@
 // Copyright (c) Tailscale Inc & AUTHORS
 // SPDX-License-Identifier: BSD-3-Clause
 
+//go:build !android
+
 package router
 
 import (