Merge pull request #193 from pwieczorkiewicz/tuntap

Add TUN/TAP support
openSUSE · Mar 14, 2014 · 94b84a3 · 94b84a3
2 parents c0f8d5a + e673e91
commit 94b84a3
Show file tree

Hide file tree

Showing 28 changed files with 993 additions and 120 deletions.
diff --git a/client/compat.c b/client/compat.c
@@ -36,6 +36,7 @@
 #include <wicked/bridge.h>
 #include <wicked/vlan.h>
 #include <wicked/macvlan.h>
+#include <wicked/tuntap.h>
 #include <wicked/wireless.h>
 #include <wicked/fsm.h>
 #include <wicked/xml.h>
@@ -775,6 +776,38 @@ __ni_compat_generate_wireless(xml_node_t *ifnode, const ni_compat_netdev_t *comp
 	return TRUE;
 }
 
+static ni_bool_t
+__ni_compat_generate_tuntap(xml_node_t *ifnode, const ni_compat_netdev_t *compat)
+{
+	xml_node_t *child = NULL;
+	ni_tuntap_t *tuntap;
+
+	if (!(tuntap = ni_netdev_get_tuntap(compat->dev)))
+		return FALSE;
+
+	if (compat->dev->link.type == NI_IFTYPE_TUN) {
+		child = xml_node_create(ifnode, "tun");
+	} else
+	if (compat->dev->link.type == NI_IFTYPE_TAP) {
+		child = xml_node_create(ifnode, "tap");
+
+		if (child && compat->dev->link.hwaddr.len) {
+			xml_node_new_element("address", child,
+				ni_link_address_print(&compat->dev->link.hwaddr));
+		}
+	}
+
+	if (!child)
+		return FALSE;
+
+	if (tuntap->owner != -1U)
+		xml_node_new_element_uint("owner", child, tuntap->owner);
+	if (tuntap->group != -1U)
+		xml_node_new_element_uint("owner", child, tuntap->group);
+
+	return TRUE;
+}
+
 static void
 __ni_compat_generate_static_route_hops(xml_node_t *rnode, const ni_route_nexthop_t *hops,
 					const char *ifname)
@@ -1150,7 +1183,6 @@ __ni_compat_generate_dhcp6_addrconf(xml_node_t *ifnode, const ni_compat_netdev_t
 	return dhcp;
 }
 
-
 static ni_bool_t
 __ni_compat_generate_ifcfg(xml_node_t *ifnode, const ni_compat_netdev_t *compat)
 {
@@ -1220,6 +1252,11 @@ __ni_compat_generate_ifcfg(xml_node_t *ifnode, const ni_compat_netdev_t *compat)
 		__ni_compat_generate_wireless(ifnode, compat);
 		break;
 
+	case NI_IFTYPE_TUN:
+	case NI_IFTYPE_TAP:
+		__ni_compat_generate_tuntap(ifnode, compat);
+		break;
+
 	default: ;
 	}
 

diff --git a/client/suse/compat-suse.c b/client/suse/compat-suse.c
@@ -29,6 +29,9 @@
 #include <net/if_arp.h>
 #include <net/ethernet.h>
 #include <netlink/netlink.h>
+#include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
 
 #include <wicked/address.h>
 #include <wicked/util.h>
@@ -48,6 +51,7 @@
 #include <wicked/fsm.h>
 #include <wicked/ipv4.h>
 #include <wicked/ipv6.h>
+#include <wicked/tuntap.h>
 
 #include <wicked/objectmodel.h>
 #include <wicked/dbus.h>
@@ -2444,6 +2448,52 @@ try_wireless(const ni_sysconfig_t *sc, ni_compat_netdev_t *compat)
 /*
  * Handle Tunnel interfaces
  */
+static int
+__try_tunnel_tuntap(const ni_sysconfig_t *sc, ni_compat_netdev_t *compat)
+{
+	ni_netdev_t *dev = compat->dev;
+	const char *value;
+	ni_tuntap_t *tuntap;
+
+	if (!(tuntap = ni_netdev_get_tuntap(dev)))
+		return -1;
+
+	if (dev->link.type == NI_IFTYPE_TAP
+	&&  (value = ni_sysconfig_get_value(sc, "LLADDR"))) {
+		if (ni_link_address_parse(&dev->link.hwaddr, ARPHRD_ETHER, value) < 0) {
+			ni_error("ifcfg-%s: Cannot parse LLADDR=\"%s\"",
+				dev->name, value);
+			return -1;
+		}
+	}
+
+	if ((value = ni_sysconfig_get_value(sc, "TUNNEL_SET_OWNER"))) {
+		if (ni_parse_uint(value, &tuntap->owner, 10)) {
+			struct passwd *pw;
+
+			if (!(pw = getpwnam(value))) {
+				ni_error("ifcfg-%s: Cannot parse TUNNEL_SET_OWNER='%s'",
+					dev->name, value);
+				return -1;
+			}
+			tuntap->owner = pw->pw_uid;
+		}
+	}
+	if ((value = ni_sysconfig_get_value(sc, "TUNNEL_SET_GROUP"))) {
+		if (ni_parse_uint(value, &tuntap->group, 10)) {
+			struct group *gr;
+
+			if (!(gr = getgrnam(value))) {
+				ni_error("ifcfg-%s: Cannot parse TUNNEL_SET_GROUP='%s'",
+					dev->name, value);
+				return -1;
+			}
+			tuntap->group = gr->gr_gid;
+		}
+	}
+	return 0;
+}
+
 static int
 try_tunnel(const ni_sysconfig_t *sc, ni_compat_netdev_t *compat)
 {
@@ -2481,10 +2531,15 @@ try_tunnel(const ni_sysconfig_t *sc, ni_compat_netdev_t *compat)
 	}
 
 	dev->link.type = map->value;
-	ni_warn("ifcfg-%s: conversion of tunnel interfaces not yet supported",
-		dev->name);
-
-	return 0;
+	switch (dev->link.type) {
+	case NI_IFTYPE_TUN:
+	case NI_IFTYPE_TAP:
+		return __try_tunnel_tuntap(sc, compat);
+	default:
+		ni_warn("ifcfg-%s: conversion of %s tunnels not yet supported",
+			dev->name, map->name);
+		return 0;
+	}
 }
 
 /*

diff --git a/etc/org.opensuse.Network.conf b/etc/org.opensuse.Network.conf
@@ -54,6 +54,10 @@
            send_interface="org.opensuse.Network.TUN"/>
     <allow send_destination="org.opensuse.Network"
            send_interface="org.opensuse.Network.TUN.Factory"/>
+    <allow send_destination="org.opensuse.Network"
+	   send_interface="org.opensuse.Network.TAP"/>
+    <allow send_destination="org.opensuse.Network"
+	   send_interface="org.opensuse.Network.TAP.Factory"/>
     <allow send_destination="org.opensuse.Network"
            send_interface="org.opensuse.Network.OpenVPN"/>
     <allow send_destination="org.opensuse.Network"

diff --git a/include/Makefile.am b/include/Makefile.am
@@ -36,6 +36,7 @@ wicked_include_HEADERS		= \
 	wicked/socket.h		\
 	wicked/sysconfig.h	\
 	wicked/system.h		\
+	wicked/tuntap.h		\
 	wicked/types.h		\
 	wicked/util.h		\
 	wicked/vlan.h		\

diff --git a/include/wicked/netinfo.h b/include/wicked/netinfo.h
@@ -85,6 +85,7 @@ struct ni_netdev {
 	ni_macvlan_t *		macvlan;
 	ni_wireless_t *		wireless;
 	ni_openvpn_t *		openvpn;
+	ni_tuntap_t *		tuntap;
 	ni_ppp_t *		ppp;
 	ni_lldp_t *		lldp;
 	ni_dcb_t *		dcb;
@@ -183,6 +184,7 @@ extern ni_macvlan_t *	ni_netdev_get_macvlan(ni_netdev_t *);
 extern ni_bridge_t *	ni_netdev_get_bridge(ni_netdev_t *);
 extern ni_wireless_t *	ni_netdev_get_wireless(ni_netdev_t *);
 extern ni_openvpn_t *	ni_netdev_get_openvpn(ni_netdev_t *);
+extern ni_tuntap_t *	ni_netdev_get_tuntap(ni_netdev_t *);
 extern ni_ppp_t *	ni_netdev_get_ppp(ni_netdev_t *);
 extern ni_lldp_t *	ni_netdev_get_lldp(ni_netdev_t *);
 extern void		ni_netdev_set_bonding(ni_netdev_t *, ni_bonding_t *);
@@ -194,6 +196,7 @@ extern void		ni_netdev_set_infiniband(ni_netdev_t *, ni_infiniband_t *);
 extern void		ni_netdev_set_link_stats(ni_netdev_t *, ni_link_stats_t *);
 extern void		ni_netdev_set_wireless(ni_netdev_t *, ni_wireless_t *);
 extern void		ni_netdev_set_openvpn(ni_netdev_t *, ni_openvpn_t *);
+extern void		ni_netdev_set_tuntap(ni_netdev_t *, ni_tuntap_t *);
 extern void		ni_netdev_set_ppp(ni_netdev_t *, ni_ppp_t *);
 extern void		ni_netdev_set_dcb(ni_netdev_t *, ni_dcb_t *);
 extern void		ni_netdev_set_lldp(ni_netdev_t *, ni_lldp_t *);

diff --git a/include/wicked/objectmodel.h b/include/wicked/objectmodel.h
@@ -79,6 +79,7 @@ extern ni_dbus_class_t *	ni_objectmodel_class_new(const char *, const ni_dbus_cl
 #define NI_OBJECTMODEL_VLAN_INTERFACE		NI_OBJECTMODEL_INTERFACE ".VLAN"
 #define NI_OBJECTMODEL_BONDING_INTERFACE	NI_OBJECTMODEL_INTERFACE ".Bond"
 #define NI_OBJECTMODEL_TUN_INTERFACE		NI_OBJECTMODEL_INTERFACE ".TUN"
+#define NI_OBJECTMODEL_TAP_INTERFACE		NI_OBJECTMODEL_INTERFACE ".TAP"
 #define NI_OBJECTMODEL_OPENVPN_INTERFACE	NI_OBJECTMODEL_INTERFACE ".OpenVPN"
 #define NI_OBJECTMODEL_PPP_INTERFACE		NI_OBJECTMODEL_INTERFACE ".PPP"
 #define NI_OBJECTMODEL_PPPOE_INTERFACE		NI_OBJECTMODEL_INTERFACE ".PPPoE"

diff --git a/include/wicked/system.h b/include/wicked/system.h
@@ -59,9 +59,13 @@ extern int		ni_system_bond_setup(ni_netconfig_t *nc, ni_netdev_t *,
 				const ni_bonding_t *);
 extern int		ni_system_bond_delete(ni_netconfig_t *nc, ni_netdev_t *);
 extern int		ni_system_bond_shutdown(ni_netdev_t *);
-extern int		ni_system_tun_create(ni_netconfig_t *, const char *,
+extern int		ni_system_tap_change(ni_netconfig_t *, ni_netdev_t *, const ni_netdev_t *);
+extern int		ni_system_tuntap_create(ni_netconfig_t *, const ni_netdev_t *,
 				ni_netdev_t **);
-extern int		ni_system_tun_delete(ni_netdev_t *);
+extern int		ni_system_tuntap_delete(ni_netdev_t *);
+extern int		ni_system_tap_create(ni_netconfig_t *, const char *,
+				ni_netdev_t **);
+extern int		ni_system_tap_delete(ni_netdev_t *);
 extern int		ni_system_ppp_create(ni_netconfig_t *, const char *,
 				ni_ppp_t *, ni_netdev_t **);
 extern int		ni_system_ppp_delete(ni_netdev_t *);

diff --git a/include/wicked/tuntap.h b/include/wicked/tuntap.h
@@ -0,0 +1,44 @@
+/*
+ *	Routines for handling tun/tap device settings
+ *
+ *	Copyright (C) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+ *
+ *	This program is free software; you can redistribute it and/or modify
+ *	it under the terms of the GNU General Public License as published by
+ *	the Free Software Foundation; either version 2 of the License, or
+ *	(at your option) any later version.
+ *
+ *	This program is distributed in the hope that it will be useful,
+ *	but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *	GNU General Public License for more details.
+ *
+ *	You should have received a copy of the GNU General Public License along
+ *	with this program; if not, see <http://www.gnu.org/licenses/> or write
+ *	to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ *	Boston, MA 02110-1301 USA.
+ *
+ *	Authors:
+ *		Pawel Wieczorkiewicz <pwieczorkiewicz@suse.de>
+ *		Marius Tomaschewski <mt@suse.de>
+ *
+ */
+
+#ifndef   __WICKED_TUNTAP_H__
+#define   __WICKED_TUNTAP_H__
+
+#include <wicked/types.h>
+
+struct ni_tuntap {
+	ni_bool_t	persistent; /* Always TRUE */
+	uid_t		owner;
+	gid_t		group;
+};
+
+extern ni_tuntap_t *	ni_tuntap_new(void);
+extern void		ni_tuntap_free(ni_tuntap_t *);
+extern const char *	ni_tuntap_validate(const ni_tuntap_t *);
+
+extern int		ni_tuntap_parse_sysfs_attrs(const char *, ni_tuntap_t *);
+
+#endif /* __WICKED_TUNTAP_H__ */
diff --git a/include/wicked/types.h b/include/wicked/types.h
@@ -33,6 +33,7 @@ typedef struct ni_wireless_scan	ni_wireless_scan_t;
 typedef struct ni_ethernet	ni_ethernet_t;
 typedef struct ni_infiniband	ni_infiniband_t;
 typedef struct ni_openvpn	ni_openvpn_t;
+typedef struct ni_tuntap	ni_tuntap_t;
 typedef struct ni_ppp		ni_ppp_t;
 typedef struct ni_dcb		ni_dcb_t;
 typedef struct ni_lldp		ni_lldp_t;

diff --git a/samples/wicked/tap0.xml b/samples/wicked/tap0.xml
@@ -0,0 +1,8 @@
+<interface>
+  <name>tap0</name>
+  <tap>
+    <address>42:42:42:42:42</address>
+    <owner>0</owner>
+    <group>0</group>
+  </tap>
+</interface>
diff --git a/samples/wicked/tun0.xml b/samples/wicked/tun0.xml
@@ -0,0 +1,7 @@
+<interface>
+  <name>tun0</name>
+  <tun>
+    <owner>0</owner>
+    <group>0</group>
+  </tun>
+</interface>
diff --git a/schema/Makefile.am b/schema/Makefile.am
@@ -20,6 +20,7 @@ wicked_schema_files		= \
 	ppp.xml			\
 	protocol.xml		\
 	types.xml		\
+	tuntap.xml		\
 	vlan.xml		\
 	wicked.xml		\
 	wireless.xml

diff --git a/schema/openvpn.xml b/schema/openvpn.xml
@@ -1,10 +1,12 @@
 <!--
+  -- *** Note: UNDER REWORK -- DO NOT INCLUDE/USE ***
+  --
   -- OpenVPN Tunnel Service definition
   --
   -- We create a subclass of the tun/tap device class, which supports the OpenVPN
   -- DBus interface.
   -->
-<object-class name="netif-openvpn" base-class="netif-virtual-tunnel"/>
+<object-class name="netif-openvpn" base-class="netif-tun"/>
 
 <service name="openvpn" interface="org.opensuse.Network.OpenVPN" object-class="netif-openvpn">
  <!-- This is the linkinfo returned in interface reports -->
@@ -99,12 +101,6 @@
  </method>
 </service>
 
-<service name="tun" interface="org.opensuse.Network.TUN" object-class="netif-virtual-tunnel">
- <method name="deleteDevice">
-   <!-- no arguments, no return code -->
- </method>
-</service>
-
 <service name="openvpn-factory" interface="org.opensuse.Network.OpenVPN.Factory" object-class="netif-list">
  <!-- "Create" openvpn device.
    -- This will create a tunX device and an openvpn config file.
@@ -122,19 +118,3 @@
   </return>
  </method>
 </service>
-
-<service name="tun-factory" interface="org.opensuse.Network.TUN.Factory" object-class="netif-list">
- <define name="linkinfo" class="dict">
-   <!-- nothing -->
- </define>
- <method name="newDevice">
-  <arguments>
-   <name type="string"/>
-   <config type="linkinfo"/>
-  </arguments>
-  <return>
-   <string/> <!-- this is really an object handle -->
-  </return>
- </method>
-</service>
-