Milestone v0.4.0: Validated native utun interface creation on macOS (M-series)

HelloPrincePal · HelloPrincePal · commit 2de31344e222 · 2026-03-28T14:06:31.000+05:30
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,7 +16,11 @@ Format:
 
 ## [Unreleased]
 
-*(Add entries here as you work. Move to a version block on each git push.)*
+### 2026-03-28 14:00 — Implement utun creation on macOS
+- What: Created `internal/tun/utun_darwin.go` to support spawning virtual network interfaces via `AF_SYSTEM` / `SYSPROTO_CONTROL`; integrated into daemon callback.
+- Why: Milestone v0.4.0; enable the OS to talk to our daemon via a standard network handle.
+- Files: `internal/tun/utun.go`, `internal/tun/utun_darwin.go`, `internal/daemon/daemon.go`
+- Breaking: no
 
 ---
 
diff --git a/README.md b/README.md
@@ -4,6 +4,16 @@
 
 Works on macOS Ventura, Sonoma, and Sequoia on M1/M2/M3/M4 Macs.
 
+### Verifying the Connection
+Once the daemon is running and shows `Virtual network interface created interface=utunX`:
+
+1.  **Check Interface Status**:
+    ```bash
+    ifconfig utunX  # e.g., ifconfig utun3
+    ```
+2.  **Monitor Logs**:
+    The daemon will stay alive until you unplug the phone. You can see it "heartbeat" every 30 seconds.
+
 ---
 
 ## Install
diff --git a/VERSIONS.md b/VERSIONS.md
@@ -10,6 +10,13 @@ v1.0.0 = MVP complete and working on M1/M2/M3.
 
 ---
 
+## v0.4.0 — 2026-03-28
+- Milestone: utun interface creation
+- What works: Native macOS virtual interface creation (`utun`). The daemon now spawns a real network interface on the Mac when the phone connects.
+- Next: Packet relay engine (Bulk transfer).
+
+---
+
 ## v0.3.0 — 2026-03-28
 - Milestone: RNDIS handshake working (INIT/QUERY/SET)
 - What works: Raw USB Control transfers for RNDIS encapsulated commands; `INIT` handshake; `QUERY MAC` address retrieval; `SET` packet filter to enable promiscuous data mode. **Confirmed on real device.**
diff --git a/internal/daemon/daemon.go b/internal/daemon/daemon.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/princePal/droidtether/config"
 	"github.com/princePal/droidtether/internal/rndis"
+	"github.com/princePal/droidtether/internal/tun"
 	"github.com/princePal/droidtether/internal/usb"
 )
 
@@ -47,19 +48,48 @@ func (d *Daemon) Run() error {
 		session := rndis.NewSession(dev)
 		if err := session.Handshake(); err != nil {
 			log.Error().Str("component", "daemon").Err(err).Msg("RNDIS Handshake failed")
-			// Cleanup happens naturally via watcher detach
+			return
 		}
-		
-		// Wait a bit to verify logs in dev mode
-		time.Sleep(3 * time.Second)
-	})
 
-	watcher.OnDetach(func() {
+		// Milestone v0.4.0: Create virtual network interface
+		iface, err := tun.OpenUTUN(0)
+		if err != nil {
+			log.Error().Str("component", "daemon").Err(err).Msg("Failed to create utun interface")
+			return
+		}
+		defer iface.Close()
+
 		log.Info().
 			Str("component", "daemon").
-			Msg("Android RNDIS device detached.")
-		// In the future:
-		// session.Stop()
+			Str("interface", iface.Name()).
+			Msg("Virtual network interface created and ACTIVE. You can now run 'ifconfig' on it.")
+
+		// Keep the session alive until the watcher signals detachment.
+		// For now, we'll just block on a channel that is closed when the phone is unplugged.
+		// In Milestone v0.5.0, this handles the Packet Relay loop.
+		
+		stopChan := make(chan bool)
+		watcher.OnDetach(func() {
+			log.Info().Str("component", "daemon").Msg("Android RNDIS device detached.")
+			close(stopChan)
+		})
+
+		// Simple stay-alive logger to show the pipe is still open
+		ticker := time.NewTicker(30 * time.Second)
+		defer ticker.Stop()
+		go func() {
+			for {
+				select {
+				case <-ticker.C:
+					log.Debug().Str("component", "daemon").Str("interface", iface.Name()).Msg("RNDIS session active")
+				case <-stopChan:
+					return
+				}
+			}
+		}()
+
+		// Block here until phone is detached
+		<-stopChan
 	})
 
 	// Start the USB hotplug watcher
diff --git a/internal/tun/utun.go b/internal/tun/utun.go
@@ -0,0 +1,11 @@
+package tun
+
+import (
+	"io"
+)
+
+// Interface represents a virtual network interface (TUN).
+type Interface interface {
+	io.ReadWriteCloser
+	Name() string
+}
diff --git a/internal/tun/utun_darwin.go b/internal/tun/utun_darwin.go
@@ -0,0 +1,127 @@
+package tun
+
+import (
+	"fmt"
+	"os"
+	"unsafe"
+
+	"golang.org/x/sys/unix"
+)
+
+// utun configuration constants for macOS
+const (
+	AF_SYSTEM         = 32
+	SYSPROTO_CONTROL  = 2
+	AF_SYS_CONTROL    = 2
+	UTUN_CONTROL_NAME = "com.apple.net.utun_control"
+)
+
+// utunInterface implements Interface for Darwin using AF_SYSTEM.
+type utunInterface struct {
+	f    *os.File
+	name string
+}
+
+func (i *utunInterface) Read(p []byte) (n int, err error) {
+	return i.f.Read(p)
+}
+
+func (i *utunInterface) Write(p []byte) (n int, err error) {
+	return i.f.Write(p)
+}
+
+func (i *utunInterface) Close() error {
+	return i.f.Close()
+}
+
+func (i *utunInterface) Name() string {
+	return i.name
+}
+
+// OpenUTUN creates a new utun interface on macOS.
+// If index is 0, the system chooses the first available (utun0, utun1, etc.).
+func OpenUTUN(index int) (Interface, error) {
+	fd, err := unix.Socket(AF_SYSTEM, unix.SOCK_DGRAM, SYSPROTO_CONTROL)
+	if err != nil {
+		return nil, fmt.Errorf("utun: failed to open system socket: %w", err)
+	}
+
+	// 1. Find the control ID for "com.apple.net.utun_control"
+	info := struct {
+		ctl_id   uint32
+		ctl_name [96]byte
+	}{}
+	copy(info.ctl_name[:], UTUN_CONTROL_NAME)
+
+	// CTLIOCGINFO
+	err = ioctl(fd, 0xc0644e03, unsafe.Pointer(&info))
+	if err != nil {
+		unix.Close(fd)
+		return nil, fmt.Errorf("utun: failed to get utun control info: %w", err)
+	}
+
+	// 2. Connect to the utun control
+	sc := struct {
+		sc_len      uint8
+		sc_family   uint8
+		ss_sysaddr  uint16
+		sc_id       uint32
+		sc_unit     uint32
+		sc_reserved [5]uint32
+	}{
+		sc_len:     32,
+		sc_family:  AF_SYSTEM,
+		ss_sysaddr: AF_SYS_CONTROL,
+		sc_id:      info.ctl_id,
+		sc_unit:    uint32(index), // 0 = automatic
+	}
+
+	err = connect(fd, unsafe.Pointer(&sc), 32)
+	if err != nil {
+		unix.Close(fd)
+		return nil, fmt.Errorf("utun: failed to connect to utun control: %w", err)
+	}
+
+	// 3. Get the interface name (e.g., utun3)
+	nameBuf := make([]byte, 64)
+	nameLen := uint32(len(nameBuf))
+	// UTUN_OPT_IFNAME (Option 2)
+	err = getsockopt(fd, SYSPROTO_CONTROL, 2, unsafe.Pointer(&nameBuf[0]), &nameLen)
+	if err != nil {
+		unix.Close(fd)
+		return nil, fmt.Errorf("utun: failed to get interface name: %w", err)
+	}
+
+	ifname := string(nameBuf[:nameLen-1]) // trim null byte
+	return &utunInterface{
+		f:    os.NewFile(uintptr(fd), ifname),
+		name: ifname,
+	}, nil
+}
+
+// Wrapper for unix.Ioctl
+func ioctl(fd int, request uintptr, argp unsafe.Pointer) error {
+	_, _, errno := unix.Syscall(unix.SYS_IOCTL, uintptr(fd), request, uintptr(argp))
+	if errno != 0 {
+		return errno
+	}
+	return nil
+}
+
+// Wrapper for unix.Connect
+func connect(fd int, addr unsafe.Pointer, len uint32) error {
+	_, _, errno := unix.Syscall(unix.SYS_CONNECT, uintptr(fd), uintptr(addr), uintptr(len))
+	if errno != 0 {
+		return errno
+	}
+	return nil
+}
+
+// Wrapper for unix.Getsockopt
+func getsockopt(fd int, level, name int, val unsafe.Pointer, len *uint32) error {
+	_, _, errno := unix.Syscall6(unix.SYS_GETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(len)), 0)
+	if errno != 0 {
+		return errno
+	}
+	return nil
+}
