Add Netkit and Veth drivers

This commit adds Netkit and Veth drivers. Signed-off-by: Birol Bilgin <[email protected]>
brlbil · May 2, 2024 · fab552b · fab552b
1 parent 78c90e3
commit fab552b
Show file tree

Hide file tree

Showing 4 changed files with 422 additions and 1 deletion.
diff --git a/driver/driver.go b/driver/driver.go
@@ -1,6 +1,7 @@
 package driver
 
 import (
+	"errors"
 	"fmt"
 	"net"
 
@@ -13,6 +14,8 @@ func init() {
 	for _, drv := range []rtnetlink.LinkDriver{
 		&Bond{},
 		&BondSlave{},
+		&Netkit{},
+		&Veth{},
 	} {
 		_ = rtnetlink.RegisterDriver(drv)
 	}
@@ -631,3 +634,145 @@ func (b *BondSlave) Decode(ad *netlink.AttributeDecoder) error {
 func (*BondSlave) Kind() string {
 	return "bond"
 }
+
+type NetkitMode uint32
+
+func (n NetkitMode) String() string {
+	switch n {
+	case NETKIT_L2:
+		return "layer2"
+	case NETKIT_L3:
+		return "layer3"
+	default:
+		return fmt.Sprintf("unknown NetkitMode value (%d)", n)
+	}
+}
+
+const (
+	NETKIT_L2 NetkitMode = iota
+	NETKIT_L3
+)
+
+type NetkitPolicy int32
+
+func (n NetkitPolicy) String() string {
+	switch n {
+	case NETKIT_NEXT:
+		return "next"
+	case NETKIT_PASS:
+		return "forward"
+	case NETKIT_DROP:
+		return "blackhole"
+	case NETKIT_REDIRECT:
+		return "redirect"
+	default:
+		return fmt.Sprintf("unknown NetkitPolicy value (%d)", n)
+	}
+}
+
+const (
+	NETKIT_NEXT     NetkitPolicy = unix.NETKIT_NEXT
+	NETKIT_PASS     NetkitPolicy = unix.NETKIT_PASS
+	NETKIT_DROP     NetkitPolicy = unix.NETKIT_DROP
+	NETKIT_REDIRECT NetkitPolicy = unix.NETKIT_REDIRECT
+)
+
+// Netkit holds netkit link specific information
+type Netkit struct {
+	Mode       NetkitMode
+	Policy     NetkitPolicy
+	PeerPolicy NetkitPolicy
+	Primary    bool
+	PeerInfo   *rtnetlink.LinkMessage
+}
+
+var _ rtnetlink.LinkDriverVerifier = &Netkit{}
+
+func (n *Netkit) Verify(msg *rtnetlink.LinkMessage) error {
+	if msg.Attributes.Address != nil || (n.PeerInfo != nil && n.PeerInfo.Attributes != nil && n.PeerInfo.Attributes.Address != nil) {
+		return errors.New("netkit does not support setting Ethernet address")
+	}
+	if n.PeerInfo != nil {
+		n.PeerInfo.Family = msg.Family
+		n.PeerInfo.Flags = msg.Flags
+		n.PeerInfo.Change = msg.Change
+	}
+	return nil
+}
+
+func (n *Netkit) Decode(ad *netlink.AttributeDecoder) error {
+	for ad.Next() {
+		switch ad.Type() {
+		case unix.IFLA_NETKIT_MODE:
+			n.Mode = NetkitMode(ad.Uint32())
+		case unix.IFLA_NETKIT_POLICY:
+			n.Policy = NetkitPolicy(ad.Int32())
+		case unix.IFLA_NETKIT_PEER_POLICY:
+			n.PeerPolicy = NetkitPolicy(ad.Int32())
+		case unix.IFLA_NETKIT_PRIMARY:
+			n.Primary = ad.Uint8() != 0
+		}
+	}
+	return nil
+}
+
+func (n *Netkit) Encode(ae *netlink.AttributeEncoder) error {
+	ae.Uint32(unix.IFLA_NETKIT_MODE, uint32(n.Mode))
+	ae.Int32(unix.IFLA_NETKIT_POLICY, int32(n.Policy))
+	ae.Int32(unix.IFLA_NETKIT_PEER_POLICY, int32(n.PeerPolicy))
+	if n.PeerInfo != nil {
+		b, err := n.PeerInfo.MarshalBinary()
+		if err != nil {
+			return err
+		}
+		ae.Bytes(unix.IFLA_NETKIT_PEER_INFO, b)
+	}
+	return nil
+}
+
+func (n *Netkit) Kind() string {
+	return "netkit"
+}
+
+const veth_info_peer = 0x1
+
+type Veth struct {
+	PeerInfo *rtnetlink.LinkMessage
+}
+
+var _ rtnetlink.LinkDriver = &Veth{}
+
+func (v *Veth) Decode(ad *netlink.AttributeDecoder) error {
+	return nil
+}
+
+func (v *Veth) Encode(ae *netlink.AttributeEncoder) error {
+	b, err := v.PeerInfo.MarshalBinary()
+	if err != nil {
+		return err
+	}
+	ae.Bytes(veth_info_peer, b)
+
+	return nil
+}
+
+func (*Veth) Kind() string {
+	return "veth"
+}
+
+const (
+	eth_min_mtu = 68    // Min IPv4 MTU per RFC791
+	eth_max_mtu = 65535 // 65535, same as IP_MAX_MTU
+)
+
+func (v *Veth) Verify(msg *rtnetlink.LinkMessage) error {
+	if msg.Attributes != nil && msg.Attributes.MTU > 0 && (msg.Attributes.MTU < eth_min_mtu || msg.Attributes.MTU > eth_max_mtu) {
+		return fmt.Errorf("invalid MTU value %d, must be between %d %d", msg.Attributes.MTU, eth_min_mtu, eth_max_mtu)
+	}
+	if v.PeerInfo != nil {
+		v.PeerInfo.Family = msg.Family
+		v.PeerInfo.Flags = msg.Flags
+		v.PeerInfo.Flags = msg.Change
+	}
+	return nil
+}