authorDavid Lönnhager <david.l@mullvad.net>2020-04-01 22:35:34 +0200
committerDavid Lönnhager <david.l@mullvad.net>2020-06-02 10:05:02 +0200
commit2d92be4aa8981a90c8797476d59f03783d5b9af2 (patch)
tree0511b6ada01b94f34ed55a8a39932eefa58dcc0f
parent87b74e1940446807ad66a7c5356af4a19d070820 (diff)
downloadmullvadvpn-2d92be4aa8981a90c8797476d59f03783d5b9af2.tar.xz
mullvadvpn-2d92be4aa8981a90c8797476d59f03783d5b9af2.zip
Define cgroup name in one place
-rw-r--r--Cargo.lock1
-rw-r--r--mullvad-exclude/Cargo.toml1
-rw-r--r--mullvad-exclude/src/main.rs11
-rw-r--r--talpid-core/src/split.rs14
-rw-r--r--talpid-types/src/lib.rs3
5 files changed, 22 insertions, 8 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 08cff3260c..2635701b17 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1415,6 +1415,7 @@ version = "0.1.0"
dependencies = [
"err-derive 0.2.4 (registry+https://github.com/rust-lang/crates.io-index)",
"nix 0.17.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "talpid-types 0.1.0",
"void 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
]
diff --git a/mullvad-exclude/Cargo.toml b/mullvad-exclude/Cargo.toml
index 06e0c8ab56..340cdf1c9e 100644
--- a/mullvad-exclude/Cargo.toml
+++ b/mullvad-exclude/Cargo.toml
@@ -10,3 +10,4 @@ publish = false
nix = "0.17"
err-derive = "0.2.1"
void = "1.0.2"
+talpid-types = { path = "../talpid-types" }
diff --git a/mullvad-exclude/src/main.rs b/mullvad-exclude/src/main.rs
index 133424c027..cfa180532a 100644
--- a/mullvad-exclude/src/main.rs
+++ b/mullvad-exclude/src/main.rs
@@ -7,10 +7,14 @@ use std::{
ffi::{CStr, CString, NulError},
fs, io,
os::unix::ffi::OsStrExt,
+ path::Path,
};
#[cfg(target_os = "linux")]
-const CGROUP_PROCS_PATH: &str = "/sys/fs/cgroup/net_cls/mullvad-exclusions/cgroup.procs";
+use talpid_types::SPLIT_TUNNEL_CGROUP_NAME;
+
+#[cfg(target_os = "linux")]
+const NETCLS_DIR: &str = "/sys/fs/cgroup/net_cls/";
#[cfg(target_os = "linux")]
const PROGRAM_NAME: &str = "mullvad-exclude";
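Review bot: `NETCLS_DIR` is now defined twice with the same value, here and in talpid-core/src/split.rs, so the commit centralises the cgroup name but leaves the mount path duplicated. Because this binary writes its own PID into that path before dropping root, the two crates must agree on it exactly. If they drift apart, the exclusion fails or targets a directory the daemon does not manage. Consider moving the path next to `SPLIT_TUNNEL_CGROUP_NAME` in talpid-types and importing it in both places, or at least adding `// Must match NETCLS_DIR in talpid-core/src/split.rs` above this constant.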
@@ -76,8 +80,9 @@ fn run() -> Result<void::Void, Error> {
let args: Vec<&CStr> = args.iter().map(|arg| &**arg).collect();
// Set the cgroup of this process
- fs::write(CGROUP_PROCS_PATH, getpid().to_string().as_bytes())
- .map_err(Error::AddProcToCGroup)?;
+ let cgroup_dir = Path::new(NETCLS_DIR).join(SPLIT_TUNNEL_CGROUP_NAME);
+ let procs_path = cgroup_dir.join("cgroup.procs");
+ fs::write(procs_path, getpid().to_string().as_bytes()).map_err(Error::AddProcToCGroup)?;
// Drop root privileges
let real_uid = getuid();
diff --git a/talpid-core/src/split.rs b/talpid-core/src/split.rs
index eec670f87d..1777703290 100644
--- a/talpid-core/src/split.rs
+++ b/talpid-core/src/split.rs
@@ -8,6 +8,7 @@ use std::{
process::Command,
str::FromStr,
};
+use talpid_types::SPLIT_TUNNEL_CGROUP_NAME;
const NETCLS_DIR: &str = "/sys/fs/cgroup/net_cls/";
@@ -16,7 +17,6 @@ pub const NETCLS_CLASSID: u32 = 0x4d9f41;
/// Value used to mark packets and associated connections.
pub const MARK: i32 = 0xf41;
-const CGROUP_NAME: &str = "mullvad-exclusions";
const ROUTING_TABLE_NAME: &str = "mullvad_exclusions";
const RT_TABLES_PATH: &str = "/etc/iproute2/rt_tables";
@@ -327,7 +327,7 @@ impl PidManager {
.map_err(Error::InitNetClsCGroup)?;
}
- let exclusions_dir = netcls_dir.join(CGROUP_NAME);
+ let exclusions_dir = netcls_dir.join(SPLIT_TUNNEL_CGROUP_NAME);
if !exclusions_dir.exists() {
fs::create_dir(exclusions_dir.clone()).map_err(Error::CreateCGroup)?;
@@ -345,7 +345,9 @@ impl PidManager {
/// Add PIDs to exclude from the tunnel.
pub fn add_list(&self, pids: &[i32]) -> Result<(), Error> {
- let exclusions_path = Path::new(NETCLS_DIR).join(CGROUP_NAME).join("cgroup.procs");
+ let exclusions_path = Path::new(NETCLS_DIR)
+ .join(SPLIT_TUNNEL_CGROUP_NAME)
+ .join("cgroup.procs");
let file = fs::OpenOptions::new()
.write(true)
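Review bot: The path expression `Path::new(NETCLS_DIR).join(SPLIT_TUNNEL_CGROUP_NAME).join("cgroup.procs")` is repeated verbatim in `add_list` here and in `list` two hunks below, and is built again in mullvad-exclude/src/main.rs. A single private helper in this module returning that path would leave one place to change and would make the differing path in `remove` stand out as deliberate. The bodies of `add_list` and `list` continue outside their hunks, so this covers only the visible path construction.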
@@ -368,7 +370,7 @@ impl PidManager {
pub fn remove(&self, pid: i32) -> Result<(), Error> {
// FIXME: We remove PIDs from our cgroup here by adding
// them to the parent cgroup. This seems wrong.
- let exclusions_path = Path::new(NETCLS_DIR).join(CGROUP_NAME).join("cgroup.procs");
+ let exclusions_path = Path::new(NETCLS_DIR).join("cgroup.procs");
let mut file = fs::OpenOptions::new()
.write(true)
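Review bot: This hunk changes behaviour, which the commit title "Define cgroup name in one place" does not say. The old line opened `cgroup.procs` inside the exclusions cgroup, while the new line opens `cgroup.procs` directly under `NETCLS_DIR`, the parent cgroup that the FIXME describes. If the rest of `remove` (outside the hunk) writes the PID to that file, the old code would have left the process in the excluded set and its traffic outside the tunnel, and the new code moves it out. That is worth stating in the commit message or splitting into its own commit. A comment on the new line would also help, for example `// Deliberately the parent cgroup: writing a PID here moves it out of SPLIT_TUNNEL_CGROUP_NAME.` The TODO about child PIDs in `list` suggests processes forked from the removed PID may stay excluded, which should be confirmed.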
@@ -384,7 +386,9 @@ impl PidManager {
pub fn list(&self) -> Result<Vec<i32>, Error> {
// TODO: manage child PIDs somehow?
- let exclusions_path = Path::new(NETCLS_DIR).join(CGROUP_NAME).join("cgroup.procs");
+ let exclusions_path = Path::new(NETCLS_DIR)
+ .join(SPLIT_TUNNEL_CGROUP_NAME)
+ .join("cgroup.procs");
let file = fs::File::open(exclusions_path).map_err(Error::ListCGroupPids)?;
diff --git a/talpid-types/src/lib.rs b/talpid-types/src/lib.rs
index d5b71fd46d..2ee772a756 100644
--- a/talpid-types/src/lib.rs
+++ b/talpid-types/src/lib.rs
@@ -7,6 +7,9 @@ pub mod android;
pub mod net;
pub mod tunnel;
+#[cfg(target_os = "linux")]
+pub const SPLIT_TUNNEL_CGROUP_NAME: &str = "mullvad-exclusions";
+
/// Used to generate string representations of error chains.
pub trait ErrorExt {
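Review bot: `SPLIT_TUNNEL_CGROUP_NAME` is added as a public item with no doc comment, although the item right after it is documented. Something like `/// Name of the net_cls cgroup whose member processes are excluded from the tunnel.` would tell other crates what the string is used for. The constant is gated on `target_os = "linux"`, and the `use` in mullvad-exclude/src/main.rs carries the same gate. The `use` added to talpid-core/src/split.rs has no visible gate, so it is worth confirming that the module is only compiled on Linux.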