tun: initial support, no ifcfg yet

include/Makefile.am

@@ -36,6 +36,7 @@ wicked_include_HEADERS		= \
 	wicked/socket.h		\
 	wicked/sysconfig.h	\
 	wicked/system.h		\
+	wicked/tun.h		\
 	wicked/types.h		\
 	wicked/util.h		\
 	wicked/vlan.h		\

include/wicked/netinfo.h

@@ -85,6 +85,7 @@ struct ni_netdev {
 	ni_macvlan_t *		macvlan;
 	ni_wireless_t *		wireless;
 	ni_openvpn_t *		openvpn;
+	ni_tun_t *		tun;
 	ni_ppp_t *		ppp;
 	ni_lldp_t *		lldp;
 	ni_dcb_t *		dcb;
@@ -183,6 +184,7 @@ extern ni_macvlan_t *	ni_netdev_get_macvlan(ni_netdev_t *);
 extern ni_bridge_t *	ni_netdev_get_bridge(ni_netdev_t *);
 extern ni_wireless_t *	ni_netdev_get_wireless(ni_netdev_t *);
 extern ni_openvpn_t *	ni_netdev_get_openvpn(ni_netdev_t *);
+extern ni_tun_t *	ni_netdev_get_tun(ni_netdev_t *);
 extern ni_ppp_t *	ni_netdev_get_ppp(ni_netdev_t *);
 extern ni_lldp_t *	ni_netdev_get_lldp(ni_netdev_t *);
 extern void		ni_netdev_set_bonding(ni_netdev_t *, ni_bonding_t *);
@@ -194,6 +196,7 @@ extern void		ni_netdev_set_infiniband(ni_netdev_t *, ni_infiniband_t *);
 extern void		ni_netdev_set_link_stats(ni_netdev_t *, ni_link_stats_t *);
 extern void		ni_netdev_set_wireless(ni_netdev_t *, ni_wireless_t *);
 extern void		ni_netdev_set_openvpn(ni_netdev_t *, ni_openvpn_t *);
+extern void		ni_netdev_set_tun(ni_netdev_t *, ni_tun_t *);
 extern void		ni_netdev_set_ppp(ni_netdev_t *, ni_ppp_t *);
 extern void		ni_netdev_set_dcb(ni_netdev_t *, ni_dcb_t *);
 extern void		ni_netdev_set_lldp(ni_netdev_t *, ni_lldp_t *);

include/wicked/system.h

@@ -60,7 +60,7 @@ extern int		ni_system_bond_setup(ni_netconfig_t *nc, ni_netdev_t *,
 extern int		ni_system_bond_delete(ni_netconfig_t *nc, ni_netdev_t *);
 extern int		ni_system_bond_shutdown(ni_netdev_t *);
 extern int		ni_system_tun_create(ni_netconfig_t *, const char *,
-				ni_netdev_t **);
+				const ni_tun_t *cfg, ni_netdev_t **);
 extern int		ni_system_tun_delete(ni_netdev_t *);
 extern int		ni_system_ppp_create(ni_netconfig_t *, const char *,
 				ni_ppp_t *, ni_netdev_t **);

include/wicked/tun.h

@@ -0,0 +1,43 @@
+/*
+ *	Routines for handling tun device settings
+ *
+ *	Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+ *
+ *	This program is free software; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This program is distributed in the hope that it will be useful,
+ *	but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *	GNU General Public License for more details.
+ *
+ *	You should have received a copy of the GNU General Public License along
+ *	with this program; if not, see <http://www.gnu.org/licenses/> or write
+ *	to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ *	Boston, MA 02110-1301 USA.
+ *
+ *	Authors:
+ *		Pawel Wieczorkiewicz <pwieczorkiewicz@suse.de>
+ *		Marius Tomaschewski <mt@suse.de>
+ *
+ */
+
+#ifndef   __WICKED_TUN_H__
+#define   __WICKED_TUN_H__
+
+#include <wicked/types.h>
+
+struct ni_tun {
+	ni_bool_t	persistent; /* Always TRUE */
+	uid_t		owner;
+	gid_t		group;
+};
+
+extern ni_tun_t *	ni_tun_new(void);
+extern void		ni_tun_free(ni_tun_t *);
+extern const char *	ni_tun_validate(const ni_tun_t *);
+
+extern int		ni_tun_parse_sysfs_attrs(const char *, ni_tun_t *);
+#endif /* __WICKED_MACVLAN_H__ */

include/wicked/types.h

@@ -33,6 +33,7 @@ typedef struct ni_wireless_scan	ni_wireless_scan_t;
 typedef struct ni_ethernet	ni_ethernet_t;
 typedef struct ni_infiniband	ni_infiniband_t;
 typedef struct ni_openvpn	ni_openvpn_t;
+typedef struct ni_tun		ni_tun_t;
 typedef struct ni_ppp		ni_ppp_t;
 typedef struct ni_dcb		ni_dcb_t;
 typedef struct ni_lldp		ni_lldp_t;

samples/wicked/tun0.xml

@@ -0,0 +1,9 @@
+<interface>
+  <name>tun0</name>
+
+  <tun>
+    <persistent>true</persistent>
+    <owner>0</owner>
+    <group>0</group>
+  </tun>
+</interface>

schema/Makefile.am

@@ -20,6 +20,7 @@ wicked_schema_files		= \
 	ppp.xml			\
 	protocol.xml		\
 	types.xml		\
+	tun.xml			\
 	vlan.xml		\
 	wicked.xml		\
 	wireless.xml

schema/tun.xml

@@ -0,0 +1,51 @@
+<!--
+  -- tun service definition
+  -->
+<service name="tun" interface="org.opensuse.Network.TUN"
+			object-class="netif-virtual-tunnel">
+ <description>
+   This link-layer service is provided by all TUN devices. Since there isn't a lot
+   to tune about a TUN once it has been created, this DBus interface doesn't offer
+   an own changeDevice() method (yet).
+
+   TUN devices can be created through the org.opensuse.Network.TUN.Factory
+   factory interface.
+ </description>
+
+ <!-- This are the properties used to configure the tun -->
+ <define name="configuration" class="dict">
+  <device type="string">
+    <meta:netif-reference shared="true"/>
+    <meta:require check="netif-child-state" op="newDevice" min-state="device-exists" />
+    <meta:require check="netif-child-state" op="linkUp"    min-state="device-up" />
+    <meta:require check="netif-child-state" op="login"     min-state="link-authenticated" />
+  </device>
+
+  <persistent type="boolean"/>
+  <owner type="uint32"/>
+  <group type="uint32"/>
+ </define>
+
+ <!-- The same properties are returned in interface state reports -->
+ <define name="properties" type="tun:configuration"/>
+
+ <method name="deleteDevice">
+   <!-- no arguments, no return code -->
+ </method>
+</service>
+
+<service name="tun-factory" interface="org.opensuse.Network.TUN.Factory"
+				object-class="netif-list">
+ <method name="newDevice">
+  <arguments>
+   <name type="string"/>
+   <config type="tun:configuration">
+    <meta:mapping document-node="/tun"/>
+   </config>
+  </arguments>
+  <return>
+   <!-- this is really an object handle -->
+   <string/>
+  </return>
+ </method>
+</service>

schema/wicked.xml

@@ -16,6 +16,7 @@
 <include name="infiniband.xml"/>
 <include name="interface.xml"/>
 <include name="wireless.xml"/>
+<include name="tun.xml"/>
 <include name="ppp.xml"/>
 <include name="firewall.xml"/>
 <include name="addrconf.xml"/>

src/Makefile.am

@@ -93,6 +93,7 @@ libwicked_la_SOURCES		= \
 	sysconfig.c		\
 	sysfs.c			\
 	timer.c			\
+	tun.c			\
 	update.c		\
 	util.c			\
 	vlan.c			\

src/dbus-objects/openvpn.c

@@ -11,6 +11,7 @@
 #include <wicked/logging.h>
 #include <wicked/system.h>
 #include <wicked/openvpn.h>
+#include <wicked/tun.h>
 #include <wicked/dbus-errors.h>
 #include <wicked/dbus-service.h>
 #include "model.h"
@@ -69,6 +70,8 @@ __ni_objectmodel_openvpn_newlink(ni_netdev_t *cfg_ifp, const char *ifname, DBusE
 {
 	ni_netconfig_t *nc = ni_global_state_handle(0);
 	ni_netdev_t *new_dev = NULL;
+	const ni_tun_t *tun;
+	const char *err;
 	int rv;
 
 	/* There's nothing in the device argument that we could use. */
@@ -80,7 +83,13 @@ __ni_objectmodel_openvpn_newlink(ni_netdev_t *cfg_ifp, const char *ifname, DBusE
 		goto out;
 	}
 
-	if ((rv = ni_system_tun_create(nc, ifname, &new_dev)) < 0) {
+	tun = ni_netdev_get_tun(cfg_ifp);
+	if ((err = ni_tun_validate(tun))) {
+		dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s", err);
+		goto out;
+	}
+
+	if ((rv = ni_system_tun_create(nc, ifname, tun, &new_dev)) < 0) {
 		if (rv != -NI_ERROR_DEVICE_EXISTS || new_dev == NULL
 		|| (ifname && new_dev && !ni_string_eq(new_dev->name, ifname))) {
 			ni_dbus_set_error_from_code(error, rv,

src/dbus-objects/tun.c

@@ -1,7 +1,27 @@
 /*
  * DBus encapsulation for tun/tap interfaces
  *
- * Copyright (C) 2012 Olaf Kirch <okir@suse.de>
+ *	Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+ *
+ *	This program is free software; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This program is distributed in the hope that it will be useful,
+ *	but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *	GNU General Public License for more details.
+ *
+ *	You should have received a copy of the GNU General Public License along
+ *	with this program; if not, see <http://www.gnu.org/licenses/> or write
+ *	to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ *	Boston, MA 02110-1301 USA.
+ *
+ *	Authors:
+ *		Olaf Kirch <okir@suse.de>
+ *		Pawel Wieczorkiewicz <pwieczorkiewicz@suse.de>
+ *
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -10,12 +30,12 @@
 #include <wicked/netinfo.h>
 #include <wicked/logging.h>
 #include <wicked/system.h>
+#include <wicked/tun.h>
 #include <wicked/dbus-errors.h>
 #include <wicked/dbus-service.h>
 #include "model.h"
 #include "debug.h"
 
-
 static ni_netdev_t *	__ni_objectmodel_tun_newlink(ni_netdev_t *, const char *, DBusError *);
 
 /*
@@ -25,10 +45,10 @@ static ni_netdev_t *	__ni_objectmodel_tun_newlink(ni_netdev_t *, const char *, D
 static inline ni_netdev_t *
 __ni_objectmodel_tun_device_arg(const ni_dbus_variant_t *dict)
 {
-	return ni_objectmodel_get_netif_argument(dict, NI_IFTYPE_TUN, &ni_objectmodel_tun_service);
+	return ni_objectmodel_get_netif_argument(dict, NI_IFTYPE_TUN,
+		&ni_objectmodel_tun_service);
 }
 
-
 /*
  * Create a new TUN interface
  */
@@ -59,6 +79,8 @@ __ni_objectmodel_tun_newlink(ni_netdev_t *cfg_ifp, const char *ifname, DBusError
 {
 	ni_netconfig_t *nc = ni_global_state_handle(0);
 	ni_netdev_t *new_ifp = NULL;
+	const ni_tun_t *tun;
+	const char *err;
 	int rv;
 
 	/* There's nothing in the device argument that we could use. */
@@ -70,7 +92,13 @@ __ni_objectmodel_tun_newlink(ni_netdev_t *cfg_ifp, const char *ifname, DBusError
 		goto out;
 	}
 
-	if ((rv = ni_system_tun_create(nc, ifname, &new_ifp)) < 0) {
+	tun = ni_netdev_get_tun(cfg_ifp);
+	if ((err = ni_tun_validate(tun))) {
+		dbus_set_error(error, DBUS_ERROR_INVALID_ARGS, "%s", err);
+		goto out;
+	}
+
+	if ((rv = ni_system_tun_create(nc, ifname, tun, &new_ifp)) < 0) {
 		if (rv != -NI_ERROR_DEVICE_EXISTS || new_ifp == NULL
 		|| (ifname && new_ifp && !ni_string_eq(new_ifp->name, ifname))) {
 			ni_dbus_set_error_from_code(error, rv,
@@ -104,28 +132,52 @@ ni_objectmodel_tun_delete(ni_dbus_object_t *object, const ni_dbus_method_t *meth
 			unsigned int argc, const ni_dbus_variant_t *argv,
 			ni_dbus_message_t *reply, DBusError *error)
 {
-	ni_netdev_t *ifp;
+	ni_netdev_t *dev;
 	int rv;
 
-	if (!(ifp = ni_objectmodel_unwrap_netif(object, error)))
+	if (!(dev = ni_objectmodel_unwrap_netif(object, error)))
 		return FALSE;
 
-	NI_TRACE_ENTER_ARGS("ifp=%s", ifp->name);
-	if ((rv = ni_system_tun_delete(ifp)) < 0) {
+	NI_TRACE_ENTER_ARGS("dev=%s", dev->name);
+	if ((rv = ni_system_tun_delete(dev)) < 0) {
 		dbus_set_error(error,
 				DBUS_ERROR_FAILED,
 				"Error deleting TUN interface %s: %s",
-				ifp->name, ni_strerror(rv));
+				dev->name, ni_strerror(rv));
 		return FALSE;
 	}
 
-	ni_client_state_drop(ifp->link.ifindex);
+	ni_client_state_drop(dev->link.ifindex);
 	ni_dbus_object_free(object);
 	return TRUE;
 }
 
+/*
+ * Helper function to obtain tun config from dbus object
+ */
+static void *
+ni_objectmodel_get_tun(const ni_dbus_object_t *object, ni_bool_t write_access, DBusError *error)
+{
+	ni_netdev_t *dev;
+
+	if (!(dev = ni_objectmodel_unwrap_netif(object, error)))
+		return NULL;
+
+	if (!write_access)
+		return dev->tun;
+
+	return ni_netdev_get_tun(dev);
+}
+
+#define TUN_UINT32_PROPERTY(dbus_type, type, rw) \
+	NI_DBUS_GENERIC_UINT32_PROPERTY(tun, dbus_type, type, rw)
+#define TUN_BOOL_PROPERTY(dbus_type, type, rw) \
+	NI_DBUS_GENERIC_BOOL_PROPERTY(tun, dbus_type, type, rw)
 
 const ni_dbus_property_t	ni_objectmodel_tun_property_table[] = {
+	TUN_BOOL_PROPERTY(persistent, persistent, RO),
+	TUN_UINT32_PROPERTY(owner, owner, RO),
+	TUN_UINT32_PROPERTY(group, group, RO),
 	{ NULL }
 };