Diffstat (limited to 'pkg/sentry/socket/netstack/stack.go')
-rw-r--r--pkg/sentry/socket/netstack/stack.go45
1 files changed, 45 insertions, 0 deletions
diff --git a/pkg/sentry/socket/netstack/stack.go b/pkg/sentry/socket/netstack/stack.go
index ea199f223..751ba74ac 100644
--- a/pkg/sentry/socket/netstack/stack.go
+++ b/pkg/sentry/socket/netstack/stack.go
@@ -28,6 +28,7 @@ import (
"gvisor.dev/gvisor/pkg/tcpip/network/ipv6"
"gvisor.dev/gvisor/pkg/tcpip/stack"
"gvisor.dev/gvisor/pkg/tcpip/transport/tcp"
+ "gvisor.dev/gvisor/pkg/tcpip/link/tunnel"
)
// Stack implements inet.Stack for netstack/tcpip/stack.Stack.
@@ -51,6 +52,8 @@ func toLinuxARPHardwareType(t header.ARPHardwareType) uint16 {
return linux.ARPHRD_LOOPBACK
case header.ARPHardwareEther:
return linux.ARPHRD_ETHER
+ case header.ARPHardwareIPGRE:
+ return linux.ARPHRD_IPGRE
default:
panic(fmt.Sprintf("unknown ARPHRD type: %d", t))
}
@@ -74,6 +77,12 @@ func (s *Stack) Interfaces() map[int32]inet.Interface {
// RemoveInterface implements inet.Stack.RemoveInterface.
func (s *Stack) RemoveInterface(idx int32) error {
nic := tcpip.NICID(idx)
+ name := s.Stack.FindNICNameFromID(nic)
+
+ if name == "lo" || name == "eth0" {
+ return syserr.ErrNotPermitted.ToError()
+ }
+
return syserr.TranslateNetstackError(s.Stack.RemoveNIC(nic)).ToError()
}
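Review bot: The new guard in RemoveInterface decides whether removal is permitted by comparing the NIC name with the literals `"lo"` and `"eth0"`, which ties a permission decision to a string rather than to what the NIC is. A primary interface with any other name stays removable, and AddGREInterface, added later in this diff, passes a caller-supplied `name` to `CreateNICWithOptions` with no validation visible, so protected and unprotected NICs can share or miss these names. Consider recording the NIC IDs that AddGREInterface creates and permitting removal only for those. At minimum, move the names into a named constant with a comment such as `// NICs configured at sandbox start must persist; only tunnel NICs created at runtime may be removed.`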
@@ -146,6 +155,42 @@ func convertAddr(addr inet.InterfaceAddr) (tcpip.ProtocolAddress, error) {
return protocolAddress, nil
}
+func (s *Stack) nextInterfaceIndex() tcpip.NICID {
+ var maxIdx tcpip.NICID = 0
+
+ for id, _ := range s.Stack.NICInfo() {
+ if id > maxIdx {
+ maxIdx = id
+ }
+ }
+
+ return maxIdx + 1
+}
+
+func (s *Stack) AddGREInterface(name string, local, remote inet.InterfaceAddr) (int32, error) {
+ var mtu uint32 = 1280
+ var idx tcpip.NICID = s.nextInterfaceIndex()
+
+ localAddr := tcpip.Address(local.Addr)
+ remoteAddr := tcpip.Address(remote.Addr)
+
+ greEP := tunnel.New(mtu)
+ if remoteAddr == header.IPv4Any {
+ greEP.Endpoint.LinkEPCapabilities = stack.CapabilityResolutionRequired
+ }
+
+ if err := s.Stack.CreateNICWithOptions(idx, greEP, stack.NICOptions{Name: name}); err != nil {
+ return -1, syserr.TranslateNetstackError(err).ToError()
+ }
+
+ err := greEP.Start(s.Stack, idx, &localAddr, &remoteAddr)
+ if err != nil {
+ return -1, syserr.TranslateNetstackError(err).ToError()
+ }
+
+ return int32(idx), nil
+}
+
// AddInterfaceAddr implements inet.Stack.AddInterfaceAddr.
func (s *Stack) AddInterfaceAddr(idx int32, addr inet.InterfaceAddr) error {
protocolAddress, err := convertAddr(addr)
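Review bot: When `greEP.Start` fails at the end of AddGREInterface, the NIC that `CreateNICWithOptions` registered a few lines earlier stays in the stack, so each failed call leaves a half-configured interface behind and uses up an index; remove it on that path before returning. `local.Addr` and `remote.Addr` are also converted to `tcpip.Address` with no length or family check visible in this hunk, although the comparison with `header.IPv4Any` implies 4-byte IPv4 addresses, so rejecting other lengths up front keeps malformed input away from the tunnel endpoint. Separately, `nextInterfaceIndex` followed by `CreateNICWithOptions` is a check-then-act sequence with no lock visible here, so two concurrent callers may pick the same index and one of them will fail. Both new methods also lack doc comments, and AddGREInterface is exported.

```go
func (s *Stack) AddGREInterface(name string, local, remote inet.InterfaceAddr) (int32, error) {
	// Only 4-byte IPv4 endpoints are meaningful for the header.IPv4Any comparison below.
	if len(local.Addr) != header.IPv4AddressSize || len(remote.Addr) != header.IPv4AddressSize {
		return -1, syserr.ErrInvalidArgument.ToError()
	}
	// … unchanged: index allocation, endpoint construction, CreateNICWithOptions …
	if err := greEP.Start(s.Stack, idx, &localAddr, &remoteAddr); err != nil {
		// Best-effort cleanup so a failed start does not leave a half-configured NIC registered.
		_ = s.Stack.RemoveNIC(idx)
		return -1, syserr.TranslateNetstackError(err).ToError()
	}
	// … unchanged: return int32(idx), nil …
```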