/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
* Copyright (c) 2009 University of Washington
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include <unistd.h>
#include <stdint.h>
#include <string>
#include <string.h> // for strerror
#include <iostream>
#include <iomanip>
#include <sstream>
#include <stdlib.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <net/if.h>
#include <linux/if_tun.h>
#include <net/route.h>
#include <netinet/in.h>
#include "tap-encode-decode.h"
#define TAP_MAGIC 95549
static int gVerbose = 1; // Set to true to turn on logging messages.
#define LOG(msg) \
if (gVerbose) \
{ \
std::cout << __FUNCTION__ << "(): " << msg << std::endl; \
}
#define ABORT(msg, printErrno) \
std::cout << __FILE__ << ": fatal error at line " << __LINE__ << ": " << __FUNCTION__ << "(): " << msg << std::endl; \
if (printErrno) \
{ \
std::cout << " errno = " << errno << " (" << strerror (errno) << ")" << std::endl; \
} \
exit (-1);
#define ABORT_IF(cond, msg, printErrno) \
if (cond) \
{ \
ABORT(msg, printErrno); \
}
//
// Lots of the following helper code taken from corresponding functions in src/node.
//
#define ASCII_DOT (0x2e)
#define ASCII_ZERO (0x30)
#define ASCII_a (0x41)
#define ASCII_z (0x5a)
#define ASCII_A (0x61)
#define ASCII_Z (0x7a)
#define ASCII_COLON (0x3a)
#define ASCII_ZERO (0x30)
static char
AsciiToLowCase (char c)
{
if (c >= ASCII_a && c <= ASCII_z) {
return c;
} else if (c >= ASCII_A && c <= ASCII_Z) {
return c + (ASCII_a - ASCII_A);
} else {
return c;
}
}
static uint32_t
AsciiToIpv4 (const char *address)
{
uint32_t host = 0;
while (true) {
uint8_t byte = 0;
while (*address != ASCII_DOT &&
*address != 0) {
byte *= 10;
byte += *address - ASCII_ZERO;
address++;
}
host <<= 8;
host |= byte;
if (*address == 0) {
break;
}
address++;
}
return host;
}
static void
AsciiToMac48 (const char *str, uint8_t addr[6])
{
int i = 0;
while (*str != 0 && i < 6)
{
uint8_t byte = 0;
while (*str != ASCII_COLON && *str != 0)
{
byte <<= 4;
char low = AsciiToLowCase (*str);
if (low >= ASCII_a)
{
byte |= low - ASCII_a + 10;
}
else
{
byte |= low - ASCII_ZERO;
}
str++;
}
addr[i] = byte;
i++;
if (*str == 0)
{
break;
}
str++;
}
}
static void
SetInetAddress (sockaddr *ad, uint32_t networkOrder)
{
struct sockaddr_in *sin = (struct sockaddr_in*)ad;
sin->sin_family = AF_INET;
sin->sin_port = 0; // unused
sin->sin_addr.s_addr = htonl (networkOrder);
}
static void
SendSocket (const char *path, int fd)
{
//
// Open a Unix (local interprocess) socket to call back to the tap bridge
//
LOG ("Create Unix socket");
int sock = socket (PF_UNIX, SOCK_DGRAM, 0);
ABORT_IF (sock == -1, "Unable to open socket", 1);
//
// We have this string called path, which is really a hex representation
// of the endpoint that the tap bridge created. It used a forward encoding
// method (TapBufferToString) to take the sockaddr_un it made and passed
// the resulting string to us. So we need to take the inverse method
// (TapStringToBuffer) and build the same sockaddr_un over here.
//
socklen_t clientAddrLen;
struct sockaddr_un clientAddr;
LOG ("Decode address " << path);
bool rc = ns3::TapStringToBuffer (path, (uint8_t *)&clientAddr, &clientAddrLen);
ABORT_IF (rc == false, "Unable to decode path", 0);
LOG ("Connect");
int status = connect (sock, (struct sockaddr*)&clientAddr, clientAddrLen);
ABORT_IF (status == -1, "Unable to connect to tap bridge", 1);
LOG ("Connected");
//
// This is arcane enough that a few words are worthwhile to explain what's
// going on here.
//
// The interesting information (the socket FD) is going to go back to the
// tap bridge as an integer of ancillary data. Ancillary data is bits
// that are not a part a socket payload (out-of-band data). We're also
// going to send one integer back. It's just initialized to a magic number
// we use to make sure that the tap bridge is talking to the tap socket
// creator and not some other creator process (emu, specifically)
//
// The struct iovec below is part of a scatter-gather list. It describes a
// buffer. In this case, it describes a buffer (an integer) containing the
// data that we're going to send back to the tap bridge (that magic number).
//
struct iovec iov;
uint32_t magic = TAP_MAGIC;
iov.iov_base = &magic;
iov.iov_len = sizeof(magic);
//
// The CMSG macros you'll see below are used to create and access control
// messages (which is another name for ancillary data). The ancillary
// data is made up of pairs of struct cmsghdr structures and associated
// data arrays.
//
// First, we're going to allocate a buffer on the stack to contain our
// data array (that contains the socket). Sometimes you'll see this called
// an "ancillary element" but the msghdr uses the control message termimology
// so we call it "control."
//
size_t msg_size = sizeof(int);
char control[CMSG_SPACE(msg_size)];
//
// There is a msghdr that is used to minimize the number of parameters
// passed to sendmsg (which we will use to send our ancillary data). This
// structure uses terminology corresponding to control messages, so you'll
// see msg_control, which is the pointer to the ancillary data and controllen
// which is the size of the ancillary data array.
//
// So, initialize the message header that describes our ancillary/control data
// and point it to the control message/ancillary data we just allocated space
// for.
//
struct msghdr msg;
msg.msg_name = 0;
msg.msg_namelen = 0;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_control = control;
msg.msg_controllen = sizeof (control);
msg.msg_flags = 0;
//
// A cmsghdr contains a length field that is the length of the header and
// the data. It has a cmsg_level field corresponding to the originating
// protocol. This takes values which are legal levels for getsockopt and
// setsockopt (here SOL_SOCKET). We're going to use the SCM_RIGHTS type of
// cmsg, that indicates that the ancillary data array contains access rights
// that we are sending back to the tap bridge.
//
// We have to put together the first (and only) cmsghdr that will describe
// the whole package we're sending.
//
struct cmsghdr *cmsg;
cmsg = CMSG_FIRSTHDR(&msg);
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
cmsg->cmsg_len = CMSG_LEN(msg_size);
//
// We also have to update the controllen in case other stuff is actually
// in there we may not be aware of (due to macros).
//
msg.msg_controllen = cmsg->cmsg_len;
//
// Finally, we get a pointer to the start of the ancillary data array and
// put our file descriptor in.
//
int *fdptr = (int*) (CMSG_DATA(cmsg));
*fdptr = fd; //
//
// Actually send the file descriptor back to the tap bridge.
//
ssize_t len = sendmsg(sock, &msg, 0);
ABORT_IF (len == -1, "Could not send socket back to tap bridge", 1);
LOG ("sendmsg complete");
}
static int
CreateTap (const char *dev, const char *gw, const char *ip, const char *mac, const char *mode, const char *netmask)
{
//
// Creation and management of Tap devices is done via the tun device
//
int tap = open ("/dev/net/tun", O_RDWR);
ABORT_IF (tap == -1, "Could not open /dev/net/tun", true);
//
// Allocate a tap device, making sure that it will not send the tun_pi header.
// If we provide a null name to the ifr.ifr_name, we tell the kernel to pick
// a name for us (i.e., tapn where n = 0..255.
//
// If the device does not already exist, the system will create one.
//
struct ifreq ifr;
ifr.ifr_flags = IFF_TAP | IFF_NO_PI;
strcpy (ifr.ifr_name, dev);
int status = ioctl (tap, TUNSETIFF, (void *) &ifr);
ABORT_IF (status == -1, "Could not allocate tap device", true);
std::string tapDeviceName = (char *)ifr.ifr_name;
LOG ("Allocated TAP device " << tapDeviceName);
//
// Operating mode "2" corresponds to USE_LOCAL and "3" to USE_BRIDGE mode.
// This means that
// we expect that the user will have named, created and configured a network
// tap that we are just going to use. So don't mess up his hard work by
// changing anything, just return the tap fd.
//
if (strcmp (mode, "2") == 0 || strcmp (mode, "3") == 0)
{
LOG ("Returning precreated tap ");
return tap;
}
//
// Set the hardware (MAC) address of the new device
//
ifr.ifr_hwaddr.sa_family = 1; // this is ARPHRD_ETHER from if_arp.h
AsciiToMac48 (mac, (uint8_t*)ifr.ifr_hwaddr.sa_data);
status = ioctl (tap, SIOCSIFHWADDR, &ifr);
ABORT_IF (status == -1, "Could not set MAC address", true);
LOG ("Set device MAC address to " << mac);
int fd = socket (AF_INET, SOCK_DGRAM, 0);
//
// Bring the interface up.
//
status = ioctl (fd, SIOCGIFFLAGS, &ifr);
ABORT_IF (status == -1, "Could not get flags for interface", true);
ifr.ifr_flags |= IFF_UP | IFF_RUNNING;
status = ioctl (fd, SIOCSIFFLAGS, &ifr);
ABORT_IF (status == -1, "Could not bring interface up", true);
LOG ("Device is up");
//
// Set the IP address of the new interface/device.
//
SetInetAddress (&ifr.ifr_addr, AsciiToIpv4 (ip));
status = ioctl (fd, SIOCSIFADDR, &ifr);
ABORT_IF (status == -1, "Could not set IP address", true);
LOG ("Set device IP address to " << ip);
//
// Set the net mask of the new interface/device
//
SetInetAddress (&ifr.ifr_netmask, AsciiToIpv4 (netmask));
status = ioctl (fd, SIOCSIFNETMASK, &ifr);
ABORT_IF (status == -1, "Could not set net mask", true);
LOG ("Set device Net Mask to " << netmask);
return tap;
}
int
main (int argc, char *argv[])
{
int c;
char *dev = (char *)"";
char *gw = NULL;
char *ip = NULL;
char *mac = NULL;
char *netmask = NULL;
char *operatingMode = NULL;
char *path = NULL;
opterr = 0;
while ((c = getopt (argc, argv, "vd:g:i:m:n:o:p:")) != -1)
{
switch (c)
{
case 'd':
dev = optarg; // name of the new tap device
break;
case 'g':
gw = optarg; // gateway address for the new device
break;
case 'i':
ip = optarg; // ip address of the new device
break;
case 'm':
mac = optarg; // mac address of the new device
break;
case 'n':
netmask = optarg; // net mask for the new device
break;
case 'o':
operatingMode = optarg; // operating mode of tap bridge
break;
case 'p':
path = optarg; // path back to the tap bridge
break;
case 'v':
gVerbose = true;
break;
}
}
//
// We have got to be able to coordinate the name of the tap device we are
// going to create and or open with the device that an external Linux host
// will use. If this name is provided we use it. If not we let the system
// create the device for us. This name is given in dev
//
LOG ("Provided Device Name is \"" << dev << "\"");
//
// We have got to be able to provide a gateway to the external Linux host
// so it can talk to the ns-3 network. This ip address is provided in
// gw.
//
ABORT_IF (gw == NULL, "Gateway Address is a required argument", 0);
LOG ("Provided Gateway Address is \"" << gw << "\"");
//
// We have got to be able to assign an IP address to the tap device we are
// allocating. This address is allocated in the simulation and assigned to
// the tap bridge. This address is given in ip.
//
ABORT_IF (ip == NULL, "IP Address is a required argument", 0);
LOG ("Provided IP Address is \"" << ip << "\"");
//
// We have got to be able to assign a Mac address to the tap device we are
// allocating. This address is allocated in the simulation and assigned to
// the bridged device. This allows packets addressed to the bridged device
// to appear in the Linux host as if they were received there.
//
ABORT_IF (mac == NULL, "MAC Address is a required argument", 0);
LOG ("Provided MAC Address is \"" << mac << "\"");
//
// We have got to be able to assign a net mask to the tap device we are
// allocating. This mask is allocated in the simulation and given to
// the bridged device.
//
ABORT_IF (netmask == NULL, "Net Mask is a required argument", 0);
LOG ("Provided Net Mask is \"" << netmask << "\"");
//
// We have got to know whether or not to create the TAP.
//
ABORT_IF (operatingMode == NULL, "Operating Mode is a required argument", 0);
LOG ("Provided Operating Mode is \"" << operatingMode << "\"");
//
// This program is spawned by a tap bridge running in a simulation. It
// wants to create a socket as described below. We are going to do the
// work here since we're running suid root. Once we create the socket,
// we have to send it back to the tap bridge. We do that over a Unix
// (local interprocess) socket. The tap bridge created a socket to
// listen for our response on, and it is expected to have encoded the address
// information as a string and to have passed that string as an argument to
// us. We see it here as the "path" string. We can't do anything useful
// unless we have that string.
//
ABORT_IF (path == NULL, "path is a required argument", 0);
LOG ("Provided path is \"" << path << "\"");
//
// The whole reason for all of the hoops we went through to call out to this
// program will pay off here. We created this program to run as suid root
// in order to keep the main simulation program from having to be run with
// root privileges. We need root privileges to be able to futz with the
// Tap device underlying all of this. So all of these hoops are to allow
// us to exeucte the following code:
//
LOG ("Creating Tap");
int sock = CreateTap (dev, gw, ip, mac, operatingMode, netmask);
ABORT_IF (sock == -1, "main(): Unable to create tap socket", 1);
//
// Send the socket back to the tap net device so it can go about its business
//
SendSocket (path, sock);
return 0;
}