github.com/metacubex/gvisor@v0.0.0-20240320004321-933faba989ec/pkg/tcpip/stack/registration.go (about)

     1  // Copyright 2018 The gVisor Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package stack
    16  
    17  import (
    18  	"fmt"
    19  	"time"
    20  
    21  	"github.com/metacubex/gvisor/pkg/buffer"
    22  	"github.com/metacubex/gvisor/pkg/tcpip"
    23  	"github.com/metacubex/gvisor/pkg/tcpip/header"
    24  	"github.com/metacubex/gvisor/pkg/waiter"
    25  )
    26  
    27  // NetworkEndpointID is the identifier of a network layer protocol endpoint.
    28  // Currently the local address is sufficient because all supported protocols
    29  // (i.e., IPv4 and IPv6) have different sizes for their addresses.
    30  type NetworkEndpointID struct {
    31  	LocalAddress tcpip.Address
    32  }
    33  
    34  // TransportEndpointID is the identifier of a transport layer protocol endpoint.
    35  //
    36  // +stateify savable
    37  type TransportEndpointID struct {
    38  	// LocalPort is the local port associated with the endpoint.
    39  	LocalPort uint16
    40  
    41  	// LocalAddress is the local [network layer] address associated with
    42  	// the endpoint.
    43  	LocalAddress tcpip.Address
    44  
    45  	// RemotePort is the remote port associated with the endpoint.
    46  	RemotePort uint16
    47  
    48  	// RemoteAddress it the remote [network layer] address associated with
    49  	// the endpoint.
    50  	RemoteAddress tcpip.Address
    51  }
    52  
    53  // NetworkPacketInfo holds information about a network layer packet.
    54  //
    55  // +stateify savable
    56  type NetworkPacketInfo struct {
    57  	// LocalAddressBroadcast is true if the packet's local address is a broadcast
    58  	// address.
    59  	LocalAddressBroadcast bool
    60  
    61  	// IsForwardedPacket is true if the packet is being forwarded.
    62  	IsForwardedPacket bool
    63  }
    64  
    65  // TransportErrorKind enumerates error types that are handled by the transport
    66  // layer.
    67  type TransportErrorKind int
    68  
    69  const (
    70  	// PacketTooBigTransportError indicates that a packet did not reach its
    71  	// destination because a link on the path to the destination had an MTU that
    72  	// was too small to carry the packet.
    73  	PacketTooBigTransportError TransportErrorKind = iota
    74  
    75  	// DestinationHostUnreachableTransportError indicates that the destination
    76  	// host was unreachable.
    77  	DestinationHostUnreachableTransportError
    78  
    79  	// DestinationPortUnreachableTransportError indicates that a packet reached
    80  	// the destination host, but the transport protocol was not active on the
    81  	// destination port.
    82  	DestinationPortUnreachableTransportError
    83  
    84  	// DestinationNetworkUnreachableTransportError indicates that the destination
    85  	// network was unreachable.
    86  	DestinationNetworkUnreachableTransportError
    87  
    88  	// DestinationProtoUnreachableTransportError indicates that the destination
    89  	// protocol was unreachable.
    90  	DestinationProtoUnreachableTransportError
    91  
    92  	// SourceRouteFailedTransportError indicates that the source route failed.
    93  	SourceRouteFailedTransportError
    94  
    95  	// SourceHostIsolatedTransportError indicates that the source machine is not
    96  	// on the network.
    97  	SourceHostIsolatedTransportError
    98  
    99  	// DestinationHostDownTransportError indicates that the destination host is
   100  	// down.
   101  	DestinationHostDownTransportError
   102  )
   103  
   104  // TransportError is a marker interface for errors that may be handled by the
   105  // transport layer.
   106  type TransportError interface {
   107  	tcpip.SockErrorCause
   108  
   109  	// Kind returns the type of the transport error.
   110  	Kind() TransportErrorKind
   111  }
   112  
   113  // TransportEndpoint is the interface that needs to be implemented by transport
   114  // protocol (e.g., tcp, udp) endpoints that can handle packets.
   115  type TransportEndpoint interface {
   116  	// UniqueID returns an unique ID for this transport endpoint.
   117  	UniqueID() uint64
   118  
   119  	// HandlePacket is called by the stack when new packets arrive to this
   120  	// transport endpoint. It sets the packet buffer's transport header.
   121  	//
   122  	// HandlePacket may modify the packet.
   123  	HandlePacket(TransportEndpointID, *PacketBuffer)
   124  
   125  	// HandleError is called when the transport endpoint receives an error.
   126  	//
   127  	// HandleError takes may modify the packet buffer.
   128  	HandleError(TransportError, *PacketBuffer)
   129  
   130  	// Abort initiates an expedited endpoint teardown. It puts the endpoint
   131  	// in a closed state and frees all resources associated with it. This
   132  	// cleanup may happen asynchronously. Wait can be used to block on this
   133  	// asynchronous cleanup.
   134  	Abort()
   135  
   136  	// Wait waits for any worker goroutines owned by the endpoint to stop.
   137  	//
   138  	// An endpoint can be requested to stop its worker goroutines by calling
   139  	// its Close method.
   140  	//
   141  	// Wait will not block if the endpoint hasn't started any goroutines
   142  	// yet, even if it might later.
   143  	Wait()
   144  }
   145  
   146  // RawTransportEndpoint is the interface that needs to be implemented by raw
   147  // transport protocol endpoints. RawTransportEndpoints receive the entire
   148  // packet - including the network and transport headers - as delivered to
   149  // netstack.
   150  type RawTransportEndpoint interface {
   151  	// HandlePacket is called by the stack when new packets arrive to
   152  	// this transport endpoint. The packet contains all data from the link
   153  	// layer up.
   154  	//
   155  	// HandlePacket may modify the packet.
   156  	HandlePacket(*PacketBuffer)
   157  }
   158  
   159  // PacketEndpoint is the interface that needs to be implemented by packet
   160  // transport protocol endpoints. These endpoints receive link layer headers in
   161  // addition to whatever they contain (usually network and transport layer
   162  // headers and a payload).
   163  type PacketEndpoint interface {
   164  	// HandlePacket is called by the stack when new packets arrive that
   165  	// match the endpoint.
   166  	//
   167  	// Implementers should treat packet as immutable and should copy it
   168  	// before before modification.
   169  	//
   170  	// linkHeader may have a length of 0, in which case the PacketEndpoint
   171  	// should construct its own ethernet header for applications.
   172  	//
   173  	// HandlePacket may modify pkt.
   174  	HandlePacket(nicID tcpip.NICID, netProto tcpip.NetworkProtocolNumber, pkt *PacketBuffer)
   175  }
   176  
   177  // UnknownDestinationPacketDisposition enumerates the possible return values from
   178  // HandleUnknownDestinationPacket().
   179  type UnknownDestinationPacketDisposition int
   180  
   181  const (
   182  	// UnknownDestinationPacketMalformed denotes that the packet was malformed
   183  	// and no further processing should be attempted other than updating
   184  	// statistics.
   185  	UnknownDestinationPacketMalformed UnknownDestinationPacketDisposition = iota
   186  
   187  	// UnknownDestinationPacketUnhandled tells the caller that the packet was
   188  	// well formed but that the issue was not handled and the stack should take
   189  	// the default action.
   190  	UnknownDestinationPacketUnhandled
   191  
   192  	// UnknownDestinationPacketHandled tells the caller that it should do
   193  	// no further processing.
   194  	UnknownDestinationPacketHandled
   195  )
   196  
   197  // TransportProtocol is the interface that needs to be implemented by transport
   198  // protocols (e.g., tcp, udp) that want to be part of the networking stack.
   199  type TransportProtocol interface {
   200  	// Number returns the transport protocol number.
   201  	Number() tcpip.TransportProtocolNumber
   202  
   203  	// NewEndpoint creates a new endpoint of the transport protocol.
   204  	NewEndpoint(netProto tcpip.NetworkProtocolNumber, waitQueue *waiter.Queue) (tcpip.Endpoint, tcpip.Error)
   205  
   206  	// NewRawEndpoint creates a new raw endpoint of the transport protocol.
   207  	NewRawEndpoint(netProto tcpip.NetworkProtocolNumber, waitQueue *waiter.Queue) (tcpip.Endpoint, tcpip.Error)
   208  
   209  	// MinimumPacketSize returns the minimum valid packet size of this
   210  	// transport protocol. The stack automatically drops any packets smaller
   211  	// than this targeted at this protocol.
   212  	MinimumPacketSize() int
   213  
   214  	// ParsePorts returns the source and destination ports stored in a
   215  	// packet of this protocol.
   216  	ParsePorts(b []byte) (src, dst uint16, err tcpip.Error)
   217  
   218  	// HandleUnknownDestinationPacket handles packets targeted at this
   219  	// protocol that don't match any existing endpoint. For example,
   220  	// it is targeted at a port that has no listeners.
   221  	//
   222  	// HandleUnknownDestinationPacket may modify the packet if it handles
   223  	// the issue.
   224  	HandleUnknownDestinationPacket(TransportEndpointID, *PacketBuffer) UnknownDestinationPacketDisposition
   225  
   226  	// SetOption allows enabling/disabling protocol specific features.
   227  	// SetOption returns an error if the option is not supported or the
   228  	// provided option value is invalid.
   229  	SetOption(option tcpip.SettableTransportProtocolOption) tcpip.Error
   230  
   231  	// Option allows retrieving protocol specific option values.
   232  	// Option returns an error if the option is not supported or the
   233  	// provided option value is invalid.
   234  	Option(option tcpip.GettableTransportProtocolOption) tcpip.Error
   235  
   236  	// Close requests that any worker goroutines owned by the protocol
   237  	// stop.
   238  	Close()
   239  
   240  	// Wait waits for any worker goroutines owned by the protocol to stop.
   241  	Wait()
   242  
   243  	// Pause requests that any protocol level background workers pause.
   244  	Pause()
   245  
   246  	// Resume resumes any protocol level background workers that were
   247  	// previously paused by Pause.
   248  	Resume()
   249  
   250  	// Parse sets pkt.TransportHeader and trims pkt.Data appropriately. It does
   251  	// neither and returns false if pkt.Data is too small, i.e. pkt.Data.Size() <
   252  	// MinimumPacketSize()
   253  	Parse(pkt *PacketBuffer) (ok bool)
   254  }
   255  
   256  // TransportPacketDisposition is the result from attempting to deliver a packet
   257  // to the transport layer.
   258  type TransportPacketDisposition int
   259  
   260  const (
   261  	// TransportPacketHandled indicates that a transport packet was handled by the
   262  	// transport layer and callers need not take any further action.
   263  	TransportPacketHandled TransportPacketDisposition = iota
   264  
   265  	// TransportPacketProtocolUnreachable indicates that the transport
   266  	// protocol requested in the packet is not supported.
   267  	TransportPacketProtocolUnreachable
   268  
   269  	// TransportPacketDestinationPortUnreachable indicates that there weren't any
   270  	// listeners interested in the packet and the transport protocol has no means
   271  	// to notify the sender.
   272  	TransportPacketDestinationPortUnreachable
   273  )
   274  
   275  // TransportDispatcher contains the methods used by the network stack to deliver
   276  // packets to the appropriate transport endpoint after it has been handled by
   277  // the network layer.
   278  type TransportDispatcher interface {
   279  	// DeliverTransportPacket delivers packets to the appropriate
   280  	// transport protocol endpoint.
   281  	//
   282  	// pkt.NetworkHeader must be set before calling DeliverTransportPacket.
   283  	//
   284  	// DeliverTransportPacket may modify the packet.
   285  	DeliverTransportPacket(tcpip.TransportProtocolNumber, *PacketBuffer) TransportPacketDisposition
   286  
   287  	// DeliverTransportError delivers an error to the appropriate transport
   288  	// endpoint.
   289  	//
   290  	// DeliverTransportError may modify the packet buffer.
   291  	DeliverTransportError(local, remote tcpip.Address, _ tcpip.NetworkProtocolNumber, _ tcpip.TransportProtocolNumber, _ TransportError, _ *PacketBuffer)
   292  
   293  	// DeliverRawPacket delivers a packet to any subscribed raw sockets.
   294  	//
   295  	// DeliverRawPacket does NOT take ownership of the packet buffer.
   296  	DeliverRawPacket(tcpip.TransportProtocolNumber, *PacketBuffer)
   297  }
   298  
   299  // PacketLooping specifies where an outbound packet should be sent.
   300  type PacketLooping byte
   301  
   302  const (
   303  	// PacketOut indicates that the packet should be passed to the link
   304  	// endpoint.
   305  	PacketOut PacketLooping = 1 << iota
   306  
   307  	// PacketLoop indicates that the packet should be handled locally.
   308  	PacketLoop
   309  )
   310  
   311  // NetworkHeaderParams are the header parameters given as input by the
   312  // transport endpoint to the network.
   313  type NetworkHeaderParams struct {
   314  	// Protocol refers to the transport protocol number.
   315  	Protocol tcpip.TransportProtocolNumber
   316  
   317  	// TTL refers to Time To Live field of the IP-header.
   318  	TTL uint8
   319  
   320  	// TOS refers to TypeOfService or TrafficClass field of the IP-header.
   321  	TOS uint8
   322  }
   323  
   324  // GroupAddressableEndpoint is an endpoint that supports group addressing.
   325  //
   326  // An endpoint is considered to support group addressing when one or more
   327  // endpoints may associate themselves with the same identifier (group address).
   328  type GroupAddressableEndpoint interface {
   329  	// JoinGroup joins the specified group.
   330  	JoinGroup(group tcpip.Address) tcpip.Error
   331  
   332  	// LeaveGroup attempts to leave the specified group.
   333  	LeaveGroup(group tcpip.Address) tcpip.Error
   334  
   335  	// IsInGroup returns true if the endpoint is a member of the specified group.
   336  	IsInGroup(group tcpip.Address) bool
   337  }
   338  
   339  // PrimaryEndpointBehavior is an enumeration of an AddressEndpoint's primary
   340  // behavior.
   341  type PrimaryEndpointBehavior int
   342  
   343  const (
   344  	// CanBePrimaryEndpoint indicates the endpoint can be used as a primary
   345  	// endpoint for new connections with no local address.
   346  	CanBePrimaryEndpoint PrimaryEndpointBehavior = iota
   347  
   348  	// FirstPrimaryEndpoint indicates the endpoint should be the first
   349  	// primary endpoint considered. If there are multiple endpoints with
   350  	// this behavior, they are ordered by recency.
   351  	FirstPrimaryEndpoint
   352  
   353  	// NeverPrimaryEndpoint indicates the endpoint should never be a
   354  	// primary endpoint.
   355  	NeverPrimaryEndpoint
   356  )
   357  
   358  func (peb PrimaryEndpointBehavior) String() string {
   359  	switch peb {
   360  	case CanBePrimaryEndpoint:
   361  		return "CanBePrimaryEndpoint"
   362  	case FirstPrimaryEndpoint:
   363  		return "FirstPrimaryEndpoint"
   364  	case NeverPrimaryEndpoint:
   365  		return "NeverPrimaryEndpoint"
   366  	default:
   367  		panic(fmt.Sprintf("unknown primary endpoint behavior: %d", peb))
   368  	}
   369  }
   370  
   371  // AddressConfigType is the method used to add an address.
   372  type AddressConfigType int
   373  
   374  const (
   375  	// AddressConfigStatic is a statically configured address endpoint that was
   376  	// added by some user-specified action (adding an explicit address, joining a
   377  	// multicast group).
   378  	AddressConfigStatic AddressConfigType = iota
   379  
   380  	// AddressConfigSlaac is an address endpoint added by SLAAC, as per RFC 4862
   381  	// section 5.5.3.
   382  	AddressConfigSlaac
   383  )
   384  
   385  // AddressLifetimes encodes an address' preferred and valid lifetimes, as well
   386  // as if the address is deprecated.
   387  type AddressLifetimes struct {
   388  	// Deprecated is whether the address is deprecated.
   389  	Deprecated bool
   390  
   391  	// PreferredUntil is the time at which the address will be deprecated.
   392  	//
   393  	// Note that for certain addresses, deprecating the address at the
   394  	// PreferredUntil time is not handled as a scheduled job by the stack, but
   395  	// is information provided by the owner as an indication of when it will
   396  	// deprecate the address.
   397  	//
   398  	// PreferredUntil should be ignored if Deprecated is true. If Deprecated
   399  	// is false, and PreferredUntil is the zero value, no information about
   400  	// the preferred lifetime can be inferred.
   401  	PreferredUntil tcpip.MonotonicTime
   402  
   403  	// ValidUntil is the time at which the address will be invalidated.
   404  	//
   405  	// Note that for certain addresses, invalidating the address at the
   406  	// ValidUntil time is not handled as a scheduled job by the stack, but
   407  	// is information provided by the owner as an indication of when it will
   408  	// invalidate the address.
   409  	//
   410  	// If ValidUntil is the zero value, no information about the valid lifetime
   411  	// can be inferred.
   412  	ValidUntil tcpip.MonotonicTime
   413  }
   414  
   415  // AddressProperties contains additional properties that can be configured when
   416  // adding an address.
   417  type AddressProperties struct {
   418  	PEB        PrimaryEndpointBehavior
   419  	ConfigType AddressConfigType
   420  	// Lifetimes encodes the address' lifetimes.
   421  	//
   422  	// Lifetimes.PreferredUntil and Lifetimes.ValidUntil are informational, i.e.
   423  	// the stack will not deprecated nor invalidate the address upon reaching
   424  	// these timestamps.
   425  	//
   426  	// If Lifetimes.Deprecated is true, the address will be added as deprecated.
   427  	Lifetimes AddressLifetimes
   428  	// Temporary is as defined in RFC 4941, but applies not only to addresses
   429  	// added via SLAAC, e.g. DHCPv6 can also add temporary addresses. Temporary
   430  	// addresses are short-lived and are not to be valid (or preferred)
   431  	// forever; hence the term temporary.
   432  	Temporary bool
   433  	Disp      AddressDispatcher
   434  }
   435  
   436  // AddressAssignmentState is an address' assignment state.
   437  type AddressAssignmentState int
   438  
   439  const (
   440  	_ AddressAssignmentState = iota
   441  
   442  	// AddressDisabled indicates the NIC the address is assigned to is disabled.
   443  	AddressDisabled
   444  
   445  	// AddressTentative indicates an address is yet to pass DAD (IPv4 addresses
   446  	// are never tentative).
   447  	AddressTentative
   448  
   449  	// AddressAssigned indicates an address is assigned.
   450  	AddressAssigned
   451  )
   452  
   453  func (state AddressAssignmentState) String() string {
   454  	switch state {
   455  	case AddressDisabled:
   456  		return "Disabled"
   457  	case AddressTentative:
   458  		return "Tentative"
   459  	case AddressAssigned:
   460  		return "Assigned"
   461  	default:
   462  		panic(fmt.Sprintf("unknown address assignment state: %d", state))
   463  	}
   464  }
   465  
   466  // AddressRemovalReason is the reason an address was removed.
   467  type AddressRemovalReason int
   468  
   469  const (
   470  	_ AddressRemovalReason = iota
   471  
   472  	// AddressRemovalManualAction indicates the address was removed explicitly
   473  	// using the stack API.
   474  	AddressRemovalManualAction
   475  
   476  	// AddressRemovalInterfaceRemoved indicates the address was removed because
   477  	// the NIC it is assigned to was removed.
   478  	AddressRemovalInterfaceRemoved
   479  
   480  	// AddressRemovalDADFailed indicates the address was removed because DAD
   481  	// failed.
   482  	AddressRemovalDADFailed
   483  
   484  	// AddressRemovalInvalidated indicates the address was removed because it
   485  	// was invalidated.
   486  	AddressRemovalInvalidated
   487  )
   488  
   489  func (reason AddressRemovalReason) String() string {
   490  	switch reason {
   491  	case AddressRemovalManualAction:
   492  		return "ManualAction"
   493  	case AddressRemovalInterfaceRemoved:
   494  		return "InterfaceRemoved"
   495  	case AddressRemovalDADFailed:
   496  		return "DADFailed"
   497  	case AddressRemovalInvalidated:
   498  		return "Invalidated"
   499  	default:
   500  		panic(fmt.Sprintf("unknown address removal reason: %d", reason))
   501  	}
   502  }
   503  
   504  // AddressDispatcher is the interface integrators can implement to receive
   505  // address-related events.
   506  type AddressDispatcher interface {
   507  	// OnChanged is called with an address' properties when they change.
   508  	//
   509  	// OnChanged is called once when the address is added with the initial state,
   510  	// and every time a property changes.
   511  	//
   512  	// The PreferredUntil and ValidUntil fields in AddressLifetimes must be
   513  	// considered informational, i.e. one must not consider an address to be
   514  	// deprecated/invalid even if the monotonic clock timestamp is past these
   515  	// deadlines. The Deprecated field indicates whether an address is
   516  	// preferred or not; and OnRemoved will be called when an address is
   517  	// removed due to invalidation.
   518  	OnChanged(AddressLifetimes, AddressAssignmentState)
   519  
   520  	// OnRemoved is called when an address is removed with the removal reason.
   521  	OnRemoved(AddressRemovalReason)
   522  }
   523  
   524  // AssignableAddressEndpoint is a reference counted address endpoint that may be
   525  // assigned to a NetworkEndpoint.
   526  type AssignableAddressEndpoint interface {
   527  	// AddressWithPrefix returns the endpoint's address.
   528  	AddressWithPrefix() tcpip.AddressWithPrefix
   529  
   530  	// Subnet returns the subnet of the endpoint's address.
   531  	Subnet() tcpip.Subnet
   532  
   533  	// IsAssigned returns whether or not the endpoint is considered bound
   534  	// to its NetworkEndpoint.
   535  	IsAssigned(allowExpired bool) bool
   536  
   537  	// TryIncRef tries to increment this endpoint's reference count.
   538  	//
   539  	// Returns true if it was successfully incremented. If it returns false, then
   540  	// the endpoint is considered expired and should no longer be used.
   541  	TryIncRef() bool
   542  
   543  	// DecRef decrements this endpoint's reference count.
   544  	DecRef()
   545  }
   546  
   547  // AddressEndpoint is an endpoint representing an address assigned to an
   548  // AddressableEndpoint.
   549  type AddressEndpoint interface {
   550  	AssignableAddressEndpoint
   551  
   552  	// GetKind returns the address kind for this endpoint.
   553  	GetKind() AddressKind
   554  
   555  	// SetKind sets the address kind for this endpoint.
   556  	SetKind(AddressKind)
   557  
   558  	// ConfigType returns the method used to add the address.
   559  	ConfigType() AddressConfigType
   560  
   561  	// Deprecated returns whether or not this endpoint is deprecated.
   562  	Deprecated() bool
   563  
   564  	// SetDeprecated sets this endpoint's deprecated status.
   565  	SetDeprecated(bool)
   566  
   567  	// Lifetimes returns this endpoint's lifetimes.
   568  	Lifetimes() AddressLifetimes
   569  
   570  	// SetLifetimes sets this endpoint's lifetimes.
   571  	//
   572  	// Note that setting preferred-until and valid-until times do not result in
   573  	// deprecation/invalidation jobs to be scheduled by the stack.
   574  	SetLifetimes(AddressLifetimes)
   575  
   576  	// Temporary returns whether or not this endpoint is temporary.
   577  	Temporary() bool
   578  
   579  	// RegisterDispatcher registers an address dispatcher.
   580  	//
   581  	// OnChanged will be called immediately on the provided address dispatcher
   582  	// with this endpoint's current state.
   583  	RegisterDispatcher(AddressDispatcher)
   584  }
   585  
   586  // AddressKind is the kind of an address.
   587  //
   588  // See the values of AddressKind for more details.
   589  type AddressKind int
   590  
   591  const (
   592  	// PermanentTentative is a permanent address endpoint that is not yet
   593  	// considered to be fully bound to an interface in the traditional
   594  	// sense. That is, the address is associated with a NIC, but packets
   595  	// destined to the address MUST NOT be accepted and MUST be silently
   596  	// dropped, and the address MUST NOT be used as a source address for
   597  	// outgoing packets. For IPv6, addresses are of this kind until NDP's
   598  	// Duplicate Address Detection (DAD) resolves. If DAD fails, the address
   599  	// is removed.
   600  	PermanentTentative AddressKind = iota
   601  
   602  	// Permanent is a permanent endpoint (vs. a temporary one) assigned to the
   603  	// NIC. Its reference count is biased by 1 to avoid removal when no route
   604  	// holds a reference to it. It is removed by explicitly removing the address
   605  	// from the NIC.
   606  	Permanent
   607  
   608  	// PermanentExpired is a permanent endpoint that had its address removed from
   609  	// the NIC, and it is waiting to be removed once no references to it are held.
   610  	//
   611  	// If the address is re-added before the endpoint is removed, its type
   612  	// changes back to Permanent.
   613  	PermanentExpired
   614  
   615  	// Temporary is an endpoint, created on a one-off basis to temporarily
   616  	// consider the NIC bound an an address that it is not explicitly bound to
   617  	// (such as a permanent address). Its reference count must not be biased by 1
   618  	// so that the address is removed immediately when references to it are no
   619  	// longer held.
   620  	//
   621  	// A temporary endpoint may be promoted to permanent if the address is added
   622  	// permanently.
   623  	Temporary
   624  )
   625  
   626  // IsPermanent returns true if the AddressKind represents a permanent address.
   627  func (k AddressKind) IsPermanent() bool {
   628  	switch k {
   629  	case Permanent, PermanentTentative:
   630  		return true
   631  	case Temporary, PermanentExpired:
   632  		return false
   633  	default:
   634  		panic(fmt.Sprintf("unrecognized address kind = %d", k))
   635  	}
   636  }
   637  
   638  // AddressableEndpoint is an endpoint that supports addressing.
   639  //
   640  // An endpoint is considered to support addressing when the endpoint may
   641  // associate itself with an identifier (address).
   642  type AddressableEndpoint interface {
   643  	// AddAndAcquirePermanentAddress adds the passed permanent address.
   644  	//
   645  	// Returns *tcpip.ErrDuplicateAddress if the address exists.
   646  	//
   647  	// Acquires and returns the AddressEndpoint for the added address.
   648  	AddAndAcquirePermanentAddress(addr tcpip.AddressWithPrefix, properties AddressProperties) (AddressEndpoint, tcpip.Error)
   649  
   650  	// RemovePermanentAddress removes the passed address if it is a permanent
   651  	// address.
   652  	//
   653  	// Returns *tcpip.ErrBadLocalAddress if the endpoint does not have the passed
   654  	// permanent address.
   655  	RemovePermanentAddress(addr tcpip.Address) tcpip.Error
   656  
   657  	// SetLifetimes sets an address' lifetimes (strictly informational) and
   658  	// whether it should be deprecated or preferred.
   659  	//
   660  	// Returns *tcpip.ErrBadLocalAddress if the endpoint does not have the passed
   661  	// address.
   662  	SetLifetimes(addr tcpip.Address, lifetimes AddressLifetimes) tcpip.Error
   663  
   664  	// MainAddress returns the endpoint's primary permanent address.
   665  	MainAddress() tcpip.AddressWithPrefix
   666  
   667  	// AcquireAssignedAddress returns an address endpoint for the passed address
   668  	// that is considered bound to the endpoint, optionally creating a temporary
   669  	// endpoint if requested and no existing address exists.
   670  	//
   671  	// The returned endpoint's reference count is incremented.
   672  	//
   673  	// Returns nil if the specified address is not local to this endpoint.
   674  	AcquireAssignedAddress(localAddr tcpip.Address, allowTemp bool, tempPEB PrimaryEndpointBehavior) AddressEndpoint
   675  
   676  	// AcquireOutgoingPrimaryAddress returns a primary address that may be used as
   677  	// a source address when sending packets to the passed remote address.
   678  	//
   679  	// If allowExpired is true, expired addresses may be returned.
   680  	//
   681  	// The returned endpoint's reference count is incremented.
   682  	//
   683  	// Returns nil if a primary address is not available.
   684  	AcquireOutgoingPrimaryAddress(remoteAddr, srcHint tcpip.Address, allowExpired bool) AddressEndpoint
   685  
   686  	// PrimaryAddresses returns the primary addresses.
   687  	PrimaryAddresses() []tcpip.AddressWithPrefix
   688  
   689  	// PermanentAddresses returns all the permanent addresses.
   690  	PermanentAddresses() []tcpip.AddressWithPrefix
   691  }
   692  
   693  // NDPEndpoint is a network endpoint that supports NDP.
   694  type NDPEndpoint interface {
   695  	NetworkEndpoint
   696  
   697  	// InvalidateDefaultRouter invalidates a default router discovered through
   698  	// NDP.
   699  	InvalidateDefaultRouter(tcpip.Address)
   700  }
   701  
   702  // NetworkInterface is a network interface.
   703  type NetworkInterface interface {
   704  	NetworkLinkEndpoint
   705  
   706  	// ID returns the interface's ID.
   707  	ID() tcpip.NICID
   708  
   709  	// IsLoopback returns true if the interface is a loopback interface.
   710  	IsLoopback() bool
   711  
   712  	// Name returns the name of the interface.
   713  	//
   714  	// May return an empty string if the interface is not configured with a name.
   715  	Name() string
   716  
   717  	// Enabled returns true if the interface is enabled.
   718  	Enabled() bool
   719  
   720  	// Promiscuous returns true if the interface is in promiscuous mode.
   721  	//
   722  	// When in promiscuous mode, the interface should accept all packets.
   723  	Promiscuous() bool
   724  
   725  	// Spoofing returns true if the interface is in spoofing mode.
   726  	//
   727  	// When in spoofing mode, the interface should consider all addresses as
   728  	// assigned to it.
   729  	Spoofing() bool
   730  
   731  	// PrimaryAddress returns the primary address associated with the interface.
   732  	//
   733  	// PrimaryAddress will return the first non-deprecated address if such an
   734  	// address exists. If no non-deprecated addresses exist, the first deprecated
   735  	// address will be returned. If no deprecated addresses exist, the zero value
   736  	// will be returned.
   737  	PrimaryAddress(tcpip.NetworkProtocolNumber) (tcpip.AddressWithPrefix, tcpip.Error)
   738  
   739  	// CheckLocalAddress returns true if the address exists on the interface.
   740  	CheckLocalAddress(tcpip.NetworkProtocolNumber, tcpip.Address) bool
   741  
   742  	// WritePacketToRemote writes the packet to the given remote link address.
   743  	WritePacketToRemote(tcpip.LinkAddress, *PacketBuffer) tcpip.Error
   744  
   745  	// WritePacket writes a packet through the given route.
   746  	//
   747  	// WritePacket may modify the packet buffer. The packet buffer's
   748  	// network and transport header must be set.
   749  	WritePacket(*Route, *PacketBuffer) tcpip.Error
   750  
   751  	// HandleNeighborProbe processes an incoming neighbor probe (e.g. ARP
   752  	// request or NDP Neighbor Solicitation).
   753  	//
   754  	// HandleNeighborProbe assumes that the probe is valid for the network
   755  	// interface the probe was received on.
   756  	HandleNeighborProbe(tcpip.NetworkProtocolNumber, tcpip.Address, tcpip.LinkAddress) tcpip.Error
   757  
   758  	// HandleNeighborConfirmation processes an incoming neighbor confirmation
   759  	// (e.g. ARP reply or NDP Neighbor Advertisement).
   760  	HandleNeighborConfirmation(tcpip.NetworkProtocolNumber, tcpip.Address, tcpip.LinkAddress, ReachabilityConfirmationFlags) tcpip.Error
   761  }
   762  
   763  // LinkResolvableNetworkEndpoint handles link resolution events.
   764  type LinkResolvableNetworkEndpoint interface {
   765  	// HandleLinkResolutionFailure is called when link resolution prevents the
   766  	// argument from having been sent.
   767  	HandleLinkResolutionFailure(*PacketBuffer)
   768  }
   769  
   770  // NetworkEndpoint is the interface that needs to be implemented by endpoints
   771  // of network layer protocols (e.g., ipv4, ipv6).
   772  type NetworkEndpoint interface {
   773  	// Enable enables the endpoint.
   774  	//
   775  	// Must only be called when the stack is in a state that allows the endpoint
   776  	// to send and receive packets.
   777  	//
   778  	// Returns *tcpip.ErrNotPermitted if the endpoint cannot be enabled.
   779  	Enable() tcpip.Error
   780  
   781  	// Enabled returns true if the endpoint is enabled.
   782  	Enabled() bool
   783  
   784  	// Disable disables the endpoint.
   785  	Disable()
   786  
   787  	// DefaultTTL is the default time-to-live value (or hop limit, in ipv6)
   788  	// for this endpoint.
   789  	DefaultTTL() uint8
   790  
   791  	// MTU is the maximum transmission unit for this endpoint. This is
   792  	// generally calculated as the MTU of the underlying data link endpoint
   793  	// minus the network endpoint max header length.
   794  	MTU() uint32
   795  
   796  	// MaxHeaderLength returns the maximum size the network (and lower
   797  	// level layers combined) headers can have. Higher levels use this
   798  	// information to reserve space in the front of the packets they're
   799  	// building.
   800  	MaxHeaderLength() uint16
   801  
   802  	// WritePacket writes a packet to the given destination address and
   803  	// protocol. It may modify pkt. pkt.TransportHeader must have
   804  	// already been set.
   805  	WritePacket(r *Route, params NetworkHeaderParams, pkt *PacketBuffer) tcpip.Error
   806  
   807  	// WriteHeaderIncludedPacket writes a packet that includes a network
   808  	// header to the given destination address. It may modify pkt.
   809  	WriteHeaderIncludedPacket(r *Route, pkt *PacketBuffer) tcpip.Error
   810  
   811  	// HandlePacket is called by the link layer when new packets arrive to
   812  	// this network endpoint. It sets pkt.NetworkHeader.
   813  	//
   814  	// HandlePacket may modify pkt.
   815  	HandlePacket(pkt *PacketBuffer)
   816  
   817  	// Close is called when the endpoint is removed from a stack.
   818  	Close()
   819  
   820  	// NetworkProtocolNumber returns the tcpip.NetworkProtocolNumber for
   821  	// this endpoint.
   822  	NetworkProtocolNumber() tcpip.NetworkProtocolNumber
   823  
   824  	// Stats returns a reference to the network endpoint stats.
   825  	Stats() NetworkEndpointStats
   826  }
   827  
   828  // NetworkEndpointStats is the interface implemented by each network endpoint
   829  // stats struct.
   830  type NetworkEndpointStats interface {
   831  	// IsNetworkEndpointStats is an empty method to implement the
   832  	// NetworkEndpointStats marker interface.
   833  	IsNetworkEndpointStats()
   834  }
   835  
   836  // IPNetworkEndpointStats is a NetworkEndpointStats that tracks IP-related
   837  // statistics.
   838  type IPNetworkEndpointStats interface {
   839  	NetworkEndpointStats
   840  
   841  	// IPStats returns the IP statistics of a network endpoint.
   842  	IPStats() *tcpip.IPStats
   843  }
   844  
   845  // ForwardingNetworkEndpoint is a network endpoint that may forward packets.
   846  type ForwardingNetworkEndpoint interface {
   847  	NetworkEndpoint
   848  
   849  	// Forwarding returns the forwarding configuration.
   850  	Forwarding() bool
   851  
   852  	// SetForwarding sets the forwarding configuration.
   853  	//
   854  	// Returns the previous forwarding configuration.
   855  	SetForwarding(bool) bool
   856  }
   857  
   858  // MulticastForwardingNetworkEndpoint is a network endpoint that may forward
   859  // multicast packets.
   860  type MulticastForwardingNetworkEndpoint interface {
   861  	ForwardingNetworkEndpoint
   862  
   863  	// MulticastForwarding returns true if multicast forwarding is enabled.
   864  	// Otherwise, returns false.
   865  	MulticastForwarding() bool
   866  
   867  	// SetMulticastForwarding sets the multicast forwarding configuration.
   868  	//
   869  	// Returns the previous forwarding configuration.
   870  	SetMulticastForwarding(bool) bool
   871  }
   872  
   873  // NetworkProtocol is the interface that needs to be implemented by network
   874  // protocols (e.g., ipv4, ipv6) that want to be part of the networking stack.
   875  type NetworkProtocol interface {
   876  	// Number returns the network protocol number.
   877  	Number() tcpip.NetworkProtocolNumber
   878  
   879  	// MinimumPacketSize returns the minimum valid packet size of this
   880  	// network protocol. The stack automatically drops any packets smaller
   881  	// than this targeted at this protocol.
   882  	MinimumPacketSize() int
   883  
   884  	// ParseAddresses returns the source and destination addresses stored in a
   885  	// packet of this protocol.
   886  	ParseAddresses(b []byte) (src, dst tcpip.Address)
   887  
   888  	// NewEndpoint creates a new endpoint of this protocol.
   889  	NewEndpoint(nic NetworkInterface, dispatcher TransportDispatcher) NetworkEndpoint
   890  
   891  	// SetOption allows enabling/disabling protocol specific features.
   892  	// SetOption returns an error if the option is not supported or the
   893  	// provided option value is invalid.
   894  	SetOption(option tcpip.SettableNetworkProtocolOption) tcpip.Error
   895  
   896  	// Option allows retrieving protocol specific option values.
   897  	// Option returns an error if the option is not supported or the
   898  	// provided option value is invalid.
   899  	Option(option tcpip.GettableNetworkProtocolOption) tcpip.Error
   900  
   901  	// Close requests that any worker goroutines owned by the protocol
   902  	// stop.
   903  	Close()
   904  
   905  	// Wait waits for any worker goroutines owned by the protocol to stop.
   906  	Wait()
   907  
   908  	// Parse sets pkt.NetworkHeader and trims pkt.Data appropriately. It
   909  	// returns:
   910  	//	- The encapsulated protocol, if present.
   911  	//	- Whether there is an encapsulated transport protocol payload (e.g. ARP
   912  	//		does not encapsulate anything).
   913  	//	- Whether pkt.Data was large enough to parse and set pkt.NetworkHeader.
   914  	Parse(pkt *PacketBuffer) (proto tcpip.TransportProtocolNumber, hasTransportHdr bool, ok bool)
   915  }
   916  
   917  // UnicastSourceAndMulticastDestination is a tuple that represents a unicast
   918  // source address and a multicast destination address.
   919  type UnicastSourceAndMulticastDestination struct {
   920  	// Source represents a unicast source address.
   921  	Source tcpip.Address
   922  	// Destination represents a multicast destination address.
   923  	Destination tcpip.Address
   924  }
   925  
   926  // MulticastRouteOutgoingInterface represents an outgoing interface in a
   927  // multicast route.
   928  type MulticastRouteOutgoingInterface struct {
   929  	// ID corresponds to the outgoing NIC.
   930  	ID tcpip.NICID
   931  
   932  	// MinTTL represents the minimum TTL/HopLimit a multicast packet must have to
   933  	// be sent through the outgoing interface.
   934  	//
   935  	// Note: a value of 0 allows all packets to be forwarded.
   936  	MinTTL uint8
   937  }
   938  
   939  // MulticastRoute is a multicast route.
   940  type MulticastRoute struct {
   941  	// ExpectedInputInterface is the interface on which packets using this route
   942  	// are expected to ingress.
   943  	ExpectedInputInterface tcpip.NICID
   944  
   945  	// OutgoingInterfaces is the set of interfaces that a multicast packet should
   946  	// be forwarded out of.
   947  	//
   948  	// This field should not be empty.
   949  	OutgoingInterfaces []MulticastRouteOutgoingInterface
   950  }
   951  
   952  // MulticastForwardingNetworkProtocol is the interface that needs to be
   953  // implemented by the network protocols that support multicast forwarding.
   954  type MulticastForwardingNetworkProtocol interface {
   955  	NetworkProtocol
   956  
   957  	// AddMulticastRoute adds a route to the multicast routing table such that
   958  	// packets matching the addresses will be forwarded using the provided route.
   959  	//
   960  	// Returns an error if the addresses or route is invalid.
   961  	AddMulticastRoute(UnicastSourceAndMulticastDestination, MulticastRoute) tcpip.Error
   962  
   963  	// RemoveMulticastRoute removes the route matching the provided addresses
   964  	// from the multicast routing table.
   965  	//
   966  	// Returns an error if the addresses are invalid or a matching route is not
   967  	// found.
   968  	RemoveMulticastRoute(UnicastSourceAndMulticastDestination) tcpip.Error
   969  
   970  	// MulticastRouteLastUsedTime returns a monotonic timestamp that
   971  	// represents the last time that the route matching the provided addresses
   972  	// was used or updated.
   973  	//
   974  	// Returns an error if the addresses are invalid or a matching route was not
   975  	// found.
   976  	MulticastRouteLastUsedTime(UnicastSourceAndMulticastDestination) (tcpip.MonotonicTime, tcpip.Error)
   977  
   978  	// EnableMulticastForwarding enables multicast forwarding for the protocol.
   979  	//
   980  	// Returns an error if the provided multicast forwarding event dispatcher is
   981  	// nil. Otherwise, returns true if the multicast forwarding was already
   982  	// enabled.
   983  	EnableMulticastForwarding(MulticastForwardingEventDispatcher) (bool, tcpip.Error)
   984  
   985  	// DisableMulticastForwarding disables multicast forwarding for the protocol.
   986  	DisableMulticastForwarding()
   987  }
   988  
   989  // MulticastPacketContext is the context in which a multicast packet triggered
   990  // a multicast forwarding event.
   991  type MulticastPacketContext struct {
   992  	// SourceAndDestination contains the unicast source address and the multicast
   993  	// destination address found in the relevant multicast packet.
   994  	SourceAndDestination UnicastSourceAndMulticastDestination
   995  	// InputInterface is the interface on which the relevant multicast packet
   996  	// arrived.
   997  	InputInterface tcpip.NICID
   998  }
   999  
  1000  // MulticastForwardingEventDispatcher is the interface that integrators should
  1001  // implement to handle multicast routing events.
  1002  type MulticastForwardingEventDispatcher interface {
  1003  	// OnMissingRoute is called when an incoming multicast packet does not match
  1004  	// any installed route.
  1005  	//
  1006  	// The packet that triggered this event may be queued so that it can be
  1007  	// transmitted once a route is installed. Even then, it may still be dropped
  1008  	// as per the routing table's GC/eviction policy.
  1009  	OnMissingRoute(MulticastPacketContext)
  1010  
  1011  	// OnUnexpectedInputInterface is called when a multicast packet arrives at an
  1012  	// interface that does not match the installed route's expected input
  1013  	// interface.
  1014  	//
  1015  	// This may be an indication of a routing loop. The packet that triggered
  1016  	// this event is dropped without being forwarded.
  1017  	OnUnexpectedInputInterface(context MulticastPacketContext, expectedInputInterface tcpip.NICID)
  1018  }
  1019  
  1020  // NetworkDispatcher contains the methods used by the network stack to deliver
  1021  // inbound/outbound packets to the appropriate network/packet(if any) endpoints.
  1022  type NetworkDispatcher interface {
  1023  	// DeliverNetworkPacket finds the appropriate network protocol endpoint
  1024  	// and hands the packet over for further processing.
  1025  	//
  1026  	//
  1027  	// If the link-layer has a header, the packet's link header must be populated.
  1028  	//
  1029  	// DeliverNetworkPacket may modify pkt.
  1030  	DeliverNetworkPacket(protocol tcpip.NetworkProtocolNumber, pkt *PacketBuffer)
  1031  
  1032  	// DeliverLinkPacket delivers a packet to any interested packet endpoints.
  1033  	//
  1034  	// This method should be called with both incoming and outgoing packets.
  1035  	//
  1036  	// If the link-layer has a header, the packet's link header must be populated.
  1037  	DeliverLinkPacket(protocol tcpip.NetworkProtocolNumber, pkt *PacketBuffer)
  1038  }
  1039  
  1040  // LinkEndpointCapabilities is the type associated with the capabilities
  1041  // supported by a link-layer endpoint. It is a set of bitfields.
  1042  type LinkEndpointCapabilities uint
  1043  
  1044  // The following are the supported link endpoint capabilities.
  1045  const (
  1046  	CapabilityNone LinkEndpointCapabilities = 0
  1047  	// CapabilityTXChecksumOffload indicates that the link endpoint supports
  1048  	// checksum computation for outgoing packets and the stack can skip
  1049  	// computing checksums when sending packets.
  1050  	CapabilityTXChecksumOffload LinkEndpointCapabilities = 1 << iota
  1051  	// CapabilityRXChecksumOffload indicates that the link endpoint supports
  1052  	// checksum verification on received packets and that it's safe for the
  1053  	// stack to skip checksum verification.
  1054  	CapabilityRXChecksumOffload
  1055  	CapabilityResolutionRequired
  1056  	CapabilitySaveRestore
  1057  	CapabilityDisconnectOk
  1058  	CapabilityLoopback
  1059  )
  1060  
  1061  // LinkWriter is an interface that supports sending packets via a data-link
  1062  // layer endpoint. It is used with QueueingDiscipline to batch writes from
  1063  // upper layer endpoints.
  1064  type LinkWriter interface {
  1065  	// WritePackets writes packets. Must not be called with an empty list of
  1066  	// packet buffers.
  1067  	//
  1068  	// Each packet must have the link-layer header set, if the link requires
  1069  	// one.
  1070  	//
  1071  	// WritePackets may modify the packet buffers, and takes ownership of the PacketBufferList.
  1072  	// it is not safe to use the PacketBufferList after a call to WritePackets.
  1073  	WritePackets(PacketBufferList) (int, tcpip.Error)
  1074  }
  1075  
  1076  // NetworkLinkEndpoint is a data-link layer that supports sending network
  1077  // layer packets.
  1078  type NetworkLinkEndpoint interface {
  1079  	// MTU is the maximum transmission unit for this endpoint. This is
  1080  	// usually dictated by the backing physical network; when such a
  1081  	// physical network doesn't exist, the limit is generally 64k, which
  1082  	// includes the maximum size of an IP packet.
  1083  	MTU() uint32
  1084  
  1085  	// MaxHeaderLength returns the maximum size the data link (and
  1086  	// lower level layers combined) headers can have. Higher levels use this
  1087  	// information to reserve space in the front of the packets they're
  1088  	// building.
  1089  	MaxHeaderLength() uint16
  1090  
  1091  	// LinkAddress returns the link address (typically a MAC) of the
  1092  	// endpoint.
  1093  	LinkAddress() tcpip.LinkAddress
  1094  
  1095  	// Capabilities returns the set of capabilities supported by the
  1096  	// endpoint.
  1097  	Capabilities() LinkEndpointCapabilities
  1098  
  1099  	// Attach attaches the data link layer endpoint to the network-layer
  1100  	// dispatcher of the stack.
  1101  	//
  1102  	// Attach is called with a nil dispatcher when the endpoint's NIC is being
  1103  	// removed.
  1104  	Attach(dispatcher NetworkDispatcher)
  1105  
  1106  	// IsAttached returns whether a NetworkDispatcher is attached to the
  1107  	// endpoint.
  1108  	IsAttached() bool
  1109  
  1110  	// Wait waits for any worker goroutines owned by the endpoint to stop.
  1111  	//
  1112  	// For now, requesting that an endpoint's worker goroutine(s) stop is
  1113  	// implementation specific.
  1114  	//
  1115  	// Wait will not block if the endpoint hasn't started any goroutines
  1116  	// yet, even if it might later.
  1117  	Wait()
  1118  
  1119  	// ARPHardwareType returns the ARPHRD_TYPE of the link endpoint.
  1120  	//
  1121  	// See:
  1122  	// https://github.com/torvalds/linux/blob/aa0c9086b40c17a7ad94425b3b70dd1fdd7497bf/include/uapi/linux/if_arp.h#L30
  1123  	ARPHardwareType() header.ARPHardwareType
  1124  
  1125  	// AddHeader adds a link layer header to the packet if required.
  1126  	AddHeader(*PacketBuffer)
  1127  
  1128  	// ParseHeader parses the link layer header to the packet.
  1129  	ParseHeader(*PacketBuffer) bool
  1130  }
  1131  
  1132  // QueueingDiscipline provides a queueing strategy for outgoing packets (e.g
  1133  // FIFO, LIFO, Random Early Drop etc).
  1134  type QueueingDiscipline interface {
  1135  	// WritePacket writes a packet.
  1136  	//
  1137  	// WritePacket may modify the packet buffer. The packet buffer's
  1138  	// network and transport header must be set.
  1139  	//
  1140  	// To participate in transparent bridging, a LinkEndpoint implementation
  1141  	// should call eth.Encode with header.EthernetFields.SrcAddr set to
  1142  	// pkg.EgressRoute.LocalLinkAddress if it is provided.
  1143  	WritePacket(*PacketBuffer) tcpip.Error
  1144  
  1145  	Close()
  1146  }
  1147  
  1148  // LinkEndpoint is the interface implemented by data link layer protocols (e.g.,
  1149  // ethernet, loopback, raw) and used by network layer protocols to send packets
  1150  // out through the implementer's data link endpoint. When a link header exists,
  1151  // it sets each PacketBuffer's LinkHeader field before passing it up the
  1152  // stack.
  1153  type LinkEndpoint interface {
  1154  	NetworkLinkEndpoint
  1155  	LinkWriter
  1156  }
  1157  
  1158  // InjectableLinkEndpoint is a LinkEndpoint where inbound packets are
  1159  // delivered via the Inject method.
  1160  type InjectableLinkEndpoint interface {
  1161  	LinkEndpoint
  1162  
  1163  	// InjectInbound injects an inbound packet.
  1164  	InjectInbound(protocol tcpip.NetworkProtocolNumber, pkt *PacketBuffer)
  1165  
  1166  	// InjectOutbound writes a fully formed outbound packet directly to the
  1167  	// link.
  1168  	//
  1169  	// dest is used by endpoints with multiple raw destinations.
  1170  	InjectOutbound(dest tcpip.Address, packet *buffer.View) tcpip.Error
  1171  }
  1172  
  1173  // DADResult is a marker interface for the result of a duplicate address
  1174  // detection process.
  1175  type DADResult interface {
  1176  	isDADResult()
  1177  }
  1178  
  1179  var _ DADResult = (*DADSucceeded)(nil)
  1180  
  1181  // DADSucceeded indicates DAD completed without finding any duplicate addresses.
  1182  type DADSucceeded struct{}
  1183  
  1184  func (*DADSucceeded) isDADResult() {}
  1185  
  1186  var _ DADResult = (*DADError)(nil)
  1187  
  1188  // DADError indicates DAD hit an error.
  1189  type DADError struct {
  1190  	Err tcpip.Error
  1191  }
  1192  
  1193  func (*DADError) isDADResult() {}
  1194  
  1195  var _ DADResult = (*DADAborted)(nil)
  1196  
  1197  // DADAborted indicates DAD was aborted.
  1198  type DADAborted struct{}
  1199  
  1200  func (*DADAborted) isDADResult() {}
  1201  
  1202  var _ DADResult = (*DADDupAddrDetected)(nil)
  1203  
  1204  // DADDupAddrDetected indicates DAD detected a duplicate address.
  1205  type DADDupAddrDetected struct {
  1206  	// HolderLinkAddress is the link address of the node that holds the duplicate
  1207  	// address.
  1208  	HolderLinkAddress tcpip.LinkAddress
  1209  }
  1210  
  1211  func (*DADDupAddrDetected) isDADResult() {}
  1212  
  1213  // DADCompletionHandler is a handler for DAD completion.
  1214  type DADCompletionHandler func(DADResult)
  1215  
  1216  // DADCheckAddressDisposition enumerates the possible return values from
  1217  // DAD.CheckDuplicateAddress.
  1218  type DADCheckAddressDisposition int
  1219  
  1220  const (
  1221  	_ DADCheckAddressDisposition = iota
  1222  
  1223  	// DADDisabled indicates that DAD is disabled.
  1224  	DADDisabled
  1225  
  1226  	// DADStarting indicates that DAD is starting for an address.
  1227  	DADStarting
  1228  
  1229  	// DADAlreadyRunning indicates that DAD was already started for an address.
  1230  	DADAlreadyRunning
  1231  )
  1232  
  1233  const (
  1234  	// defaultDupAddrDetectTransmits is the default number of NDP Neighbor
  1235  	// Solicitation messages to send when doing Duplicate Address Detection
  1236  	// for a tentative address.
  1237  	//
  1238  	// Default = 1 (from RFC 4862 section 5.1)
  1239  	defaultDupAddrDetectTransmits = 1
  1240  )
  1241  
  1242  // DADConfigurations holds configurations for duplicate address detection.
  1243  type DADConfigurations struct {
  1244  	// The number of Neighbor Solicitation messages to send when doing
  1245  	// Duplicate Address Detection for a tentative address.
  1246  	//
  1247  	// Note, a value of zero effectively disables DAD.
  1248  	DupAddrDetectTransmits uint8
  1249  
  1250  	// The amount of time to wait between sending Neighbor Solicitation
  1251  	// messages.
  1252  	//
  1253  	// Must be greater than or equal to 1ms.
  1254  	RetransmitTimer time.Duration
  1255  }
  1256  
  1257  // DefaultDADConfigurations returns the default DAD configurations.
  1258  func DefaultDADConfigurations() DADConfigurations {
  1259  	return DADConfigurations{
  1260  		DupAddrDetectTransmits: defaultDupAddrDetectTransmits,
  1261  		RetransmitTimer:        defaultRetransmitTimer,
  1262  	}
  1263  }
  1264  
  1265  // Validate modifies the configuration with valid values. If invalid values are
  1266  // present in the configurations, the corresponding default values are used
  1267  // instead.
  1268  func (c *DADConfigurations) Validate() {
  1269  	if c.RetransmitTimer < minimumRetransmitTimer {
  1270  		c.RetransmitTimer = defaultRetransmitTimer
  1271  	}
  1272  }
  1273  
  1274  // DuplicateAddressDetector handles checking if an address is already assigned
  1275  // to some neighboring node on the link.
  1276  type DuplicateAddressDetector interface {
  1277  	// CheckDuplicateAddress checks if an address is assigned to a neighbor.
  1278  	//
  1279  	// If DAD is already being performed for the address, the handler will be
  1280  	// called with the result of the original DAD request.
  1281  	CheckDuplicateAddress(tcpip.Address, DADCompletionHandler) DADCheckAddressDisposition
  1282  
  1283  	// SetDADConfigurations sets the configurations for DAD.
  1284  	SetDADConfigurations(c DADConfigurations)
  1285  
  1286  	// DuplicateAddressProtocol returns the network protocol the receiver can
  1287  	// perform duplicate address detection for.
  1288  	DuplicateAddressProtocol() tcpip.NetworkProtocolNumber
  1289  }
  1290  
  1291  // LinkAddressResolver handles link address resolution for a network protocol.
  1292  type LinkAddressResolver interface {
  1293  	// LinkAddressRequest sends a request for the link address of the target
  1294  	// address. The request is broadcast on the local network if a remote link
  1295  	// address is not provided.
  1296  	LinkAddressRequest(targetAddr, localAddr tcpip.Address, remoteLinkAddr tcpip.LinkAddress) tcpip.Error
  1297  
  1298  	// ResolveStaticAddress attempts to resolve address without sending
  1299  	// requests. It either resolves the name immediately or returns the
  1300  	// empty LinkAddress.
  1301  	//
  1302  	// It can be used to resolve broadcast addresses for example.
  1303  	ResolveStaticAddress(addr tcpip.Address) (tcpip.LinkAddress, bool)
  1304  
  1305  	// LinkAddressProtocol returns the network protocol of the
  1306  	// addresses this resolver can resolve.
  1307  	LinkAddressProtocol() tcpip.NetworkProtocolNumber
  1308  }
  1309  
  1310  // RawFactory produces endpoints for writing various types of raw packets.
  1311  type RawFactory interface {
  1312  	// NewUnassociatedEndpoint produces endpoints for writing packets not
  1313  	// associated with a particular transport protocol. Such endpoints can
  1314  	// be used to write arbitrary packets that include the network header.
  1315  	NewUnassociatedEndpoint(stack *Stack, netProto tcpip.NetworkProtocolNumber, transProto tcpip.TransportProtocolNumber, waiterQueue *waiter.Queue) (tcpip.Endpoint, tcpip.Error)
  1316  
  1317  	// NewPacketEndpoint produces endpoints for reading and writing packets
  1318  	// that include network and (when cooked is false) link layer headers.
  1319  	NewPacketEndpoint(stack *Stack, cooked bool, netProto tcpip.NetworkProtocolNumber, waiterQueue *waiter.Queue) (tcpip.Endpoint, tcpip.Error)
  1320  }
  1321  
  1322  // GSOType is the type of GSO segments.
  1323  //
  1324  // +stateify savable
  1325  type GSOType int
  1326  
  1327  // Types of gso segments.
  1328  const (
  1329  	GSONone GSOType = iota
  1330  
  1331  	// Hardware GSO types:
  1332  	GSOTCPv4
  1333  	GSOTCPv6
  1334  
  1335  	// GSOGvisor is used for gVisor GSO segments which have to be sent by
  1336  	// endpoint.WritePackets.
  1337  	GSOGvisor
  1338  )
  1339  
  1340  // GSO contains generic segmentation offload properties.
  1341  //
  1342  // +stateify savable
  1343  type GSO struct {
  1344  	// Type is one of GSONone, GSOTCPv4, etc.
  1345  	Type GSOType
  1346  	// NeedsCsum is set if the checksum offload is enabled.
  1347  	NeedsCsum bool
  1348  	// CsumOffset is offset after that to place checksum.
  1349  	CsumOffset uint16
  1350  
  1351  	// Mss is maximum segment size.
  1352  	MSS uint16
  1353  	// L3Len is L3 (IP) header length.
  1354  	L3HdrLen uint16
  1355  
  1356  	// MaxSize is maximum GSO packet size.
  1357  	MaxSize uint32
  1358  }
  1359  
  1360  // SupportedGSO is the type of segmentation offloading supported.
  1361  type SupportedGSO int
  1362  
  1363  const (
  1364  	// GSONotSupported indicates that segmentation offloading is not supported.
  1365  	GSONotSupported SupportedGSO = iota
  1366  
  1367  	// HostGSOSupported indicates that segmentation offloading may be performed
  1368  	// by the host. This is typically true when netstack is attached to a host
  1369  	// AF_PACKET socket, and not true when attached to a unix socket or other
  1370  	// non-networking data layer.
  1371  	HostGSOSupported
  1372  
  1373  	// GvisorGSOSupported indicates that segmentation offloading may be performed
  1374  	// in gVisor.
  1375  	GvisorGSOSupported
  1376  )
  1377  
  1378  // GSOEndpoint provides access to GSO properties.
  1379  type GSOEndpoint interface {
  1380  	// GSOMaxSize returns the maximum GSO packet size.
  1381  	GSOMaxSize() uint32
  1382  
  1383  	// SupportedGSO returns the supported segmentation offloading.
  1384  	SupportedGSO() SupportedGSO
  1385  }
  1386  
  1387  // GvisorGSOMaxSize is a maximum allowed size of a software GSO segment.
  1388  // This isn't a hard limit, because it is never set into packet headers.
  1389  const GvisorGSOMaxSize = 1 << 16