Skip to content

Commit

Permalink
[tailscale] net: add TCP socket creation/close hooks to SockTrace API
Browse files Browse the repository at this point in the history
Extends the hooks added by #45 to also expose when TCP sockets are
created or closed (meant to allow TCP stats to be read from them). We
don't do this for all socket types since stats are not available for
UDP sockets, and they tend to be short-lived, thus invoking the hooks
would be useless overhead.

Also fixes read/write hooks to not count out-of-band data, since that's
usually not sent over the wire.

Updates tailscale/corp#9230
Updates #58

Signed-off-by: Jenny Zhang <jz@tailscale.com>
(Cherry-picked from db4dc90)
(cherry picked from commit 51a96ad)
(cherry picked from commit aff7d04)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
  • Loading branch information
phirework authored and bradfitz committed Aug 21, 2024
1 parent 8c00619 commit 0634555
Show file tree
Hide file tree
Showing 4 changed files with 109 additions and 0 deletions.
8 changes: 8 additions & 0 deletions api/go1.99999.txt
Original file line number Diff line number Diff line change
@@ -1,2 +1,10 @@
pkg net, func ContextSockTrace(context.Context) *SockTrace
pkg net, func SetDialEnforcer(func(context.Context, []Addr) error) #55
pkg net, func SetResolveEnforcer(func(context.Context, string, string, string, Addr) error) #55
pkg net, func WithSockTrace(context.Context, *SockTrace) context.Context
pkg net, type SockTrace struct
pkg net, type SockTrace struct, DidCreateTCPConn func(syscall.RawConn)
pkg net, type SockTrace struct, DidRead func(int)
pkg net, type SockTrace struct, DidWrite func(int)
pkg net, type SockTrace struct, WillCloseTCPConn func(syscall.RawConn)
pkg net, type SockTrace struct, WillOverwrite func(*SockTrace)
33 changes: 33 additions & 0 deletions src/net/fd_posix.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@ type netFD struct {
net string
laddr Addr
raddr Addr

// hooks (if provided) are called after successful reads or writes with the
// number of bytes transferred.
readHook func(int)
writeHook func(int)
closeHook func()
}

func (fd *netFD) setAddr(laddr, raddr Addr) {
Expand All @@ -34,6 +40,9 @@ func (fd *netFD) setAddr(laddr, raddr Addr) {

func (fd *netFD) Close() error {
runtime.SetFinalizer(fd, nil)
if fd.closeHook != nil {
fd.closeHook()
}
return fd.pfd.Close()
}

Expand All @@ -44,10 +53,16 @@ func (fd *netFD) shutdown(how int) error {
}

func (fd *netFD) closeRead() error {
if fd.closeHook != nil {
fd.closeHook()
}
return fd.shutdown(syscall.SHUT_RD)
}

func (fd *netFD) closeWrite() error {
if fd.closeHook != nil {
fd.closeHook()
}
return fd.shutdown(syscall.SHUT_WR)
}

Expand Down Expand Up @@ -76,18 +91,27 @@ func (fd *netFD) readFromInet6(p []byte, from *syscall.SockaddrInet6) (n int, er

func (fd *netFD) readMsg(p []byte, oob []byte, flags int) (n, oobn, retflags int, sa syscall.Sockaddr, err error) {
n, oobn, retflags, sa, err = fd.pfd.ReadMsg(p, oob, flags)
if fd.readHook != nil && err == nil {
fd.readHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, retflags, sa, wrapSyscallError(readMsgSyscallName, err)
}

func (fd *netFD) readMsgInet4(p []byte, oob []byte, flags int, sa *syscall.SockaddrInet4) (n, oobn, retflags int, err error) {
n, oobn, retflags, err = fd.pfd.ReadMsgInet4(p, oob, flags, sa)
if fd.readHook != nil && err == nil {
fd.readHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, retflags, wrapSyscallError(readMsgSyscallName, err)
}

func (fd *netFD) readMsgInet6(p []byte, oob []byte, flags int, sa *syscall.SockaddrInet6) (n, oobn, retflags int, err error) {
n, oobn, retflags, err = fd.pfd.ReadMsgInet6(p, oob, flags, sa)
if fd.readHook != nil && err == nil {
fd.readHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, retflags, wrapSyscallError(readMsgSyscallName, err)
}
Expand Down Expand Up @@ -118,18 +142,27 @@ func (fd *netFD) writeToInet6(p []byte, sa *syscall.SockaddrInet6) (n int, err e

func (fd *netFD) writeMsg(p []byte, oob []byte, sa syscall.Sockaddr) (n int, oobn int, err error) {
n, oobn, err = fd.pfd.WriteMsg(p, oob, sa)
if fd.writeHook != nil && err == nil {
fd.writeHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, wrapSyscallError(writeMsgSyscallName, err)
}

func (fd *netFD) writeMsgInet4(p []byte, oob []byte, sa *syscall.SockaddrInet4) (n int, oobn int, err error) {
n, oobn, err = fd.pfd.WriteMsgInet4(p, oob, sa)
if fd.writeHook != nil && err == nil {
fd.writeHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, wrapSyscallError(writeMsgSyscallName, err)
}

func (fd *netFD) writeMsgInet6(p []byte, oob []byte, sa *syscall.SockaddrInet6) (n int, oobn int, err error) {
n, oobn, err = fd.pfd.WriteMsgInet6(p, oob, sa)
if fd.writeHook != nil && err == nil {
fd.writeHook(n)
}
runtime.KeepAlive(fd)
return n, oobn, wrapSyscallError(writeMsgSyscallName, err)
}
Expand Down
15 changes: 15 additions & 0 deletions src/net/sock_posix.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,21 @@ func socket(ctx context.Context, net string, family, sotype, proto int, ipv6only
poll.CloseFunc(s)
return nil, err
}
if trace := ContextSockTrace(ctx); trace != nil {
fd.readHook = trace.DidRead
fd.writeHook = trace.DidWrite
if (trace.DidCreateTCPConn != nil || trace.WillCloseTCPConn != nil) && len(net) >= 3 && net[0:3] == "tcp" {
c := newRawConn(fd)
if trace.DidCreateTCPConn != nil {
trace.DidCreateTCPConn(c)
}
if trace.WillCloseTCPConn != nil {
fd.closeHook = func() {
trace.WillCloseTCPConn(c)
}
}
}
}

// This function makes a network file descriptor for the
// following applications:
Expand Down
53 changes: 53 additions & 0 deletions src/net/socktrace.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
// Copyright 2023 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package net

import (
"context"
"syscall"
)

// SockTrace is a set of hooks to run at various operations on a network socket.
// Any particular hook may be nil. Functions may be called concurrently from
// different goroutines.
type SockTrace struct {
// DidOpenTCPConn is called when a TCP socket was created. The
// underlying raw network connection that was created is provided.
DidCreateTCPConn func(c syscall.RawConn)
// DidRead is called after a successful read from the socket, where n bytes
// were read.
DidRead func(n int)
// DidWrite is called after a successful write to the socket, where n bytes
// were written.
DidWrite func(n int)
// WillOverwrite is called when the registered trace is overwritten by a
// subsequent call to WithSockTrace. The provided trace is the new trace
// that will be used.
WillOverwrite func(trace *SockTrace)
// WillCloseTCPConn is called when a TCP socket is about to be closed. The
// underlying raw network connection that is being closed is provided.
WillCloseTCPConn func(c syscall.RawConn)
}

// WithSockTrace returns a new context based on the provided parent
// ctx. Socket reads and writes made with the returned context will use
// the provided trace hooks. Any previous hooks registered with ctx are
// ovewritten (their WillOverwrite hook will be called).
func WithSockTrace(ctx context.Context, trace *SockTrace) context.Context {
if previous := ContextSockTrace(ctx); previous != nil && previous.WillOverwrite != nil {
previous.WillOverwrite(trace)
}
return context.WithValue(ctx, sockTraceKey{}, trace)
}

// ContextSockTrace returns the SockTrace associated with the
// provided context. If none, it returns nil.
func ContextSockTrace(ctx context.Context) *SockTrace {
trace, _ := ctx.Value(sockTraceKey{}).(*SockTrace)
return trace
}

// unique type to prevent assignment.
type sockTraceKey struct{}

0 comments on commit 0634555

Please sign in to comment.