diff options
Diffstat (limited to 'test/packetdrill')
-rw-r--r-- | test/packetdrill/BUILD | 48 | ||||
-rw-r--r-- | test/packetdrill/Dockerfile | 9 | ||||
-rw-r--r-- | test/packetdrill/accept_ack_drop.pkt | 27 | ||||
-rw-r--r-- | test/packetdrill/defs.bzl | 87 | ||||
-rw-r--r-- | test/packetdrill/fin_wait2_timeout.pkt | 23 | ||||
-rw-r--r-- | test/packetdrill/linux/tcp_user_timeout.pkt | 39 | ||||
-rw-r--r-- | test/packetdrill/listen_close_before_handshake_complete.pkt | 31 | ||||
-rw-r--r-- | test/packetdrill/netstack/tcp_user_timeout.pkt | 38 | ||||
-rw-r--r-- | test/packetdrill/no_rst_to_rst.pkt | 36 | ||||
-rwxr-xr-x | test/packetdrill/packetdrill_setup.sh | 26 | ||||
-rwxr-xr-x | test/packetdrill/packetdrill_test.sh | 225 | ||||
-rw-r--r-- | test/packetdrill/reset_for_ack_when_no_syn_cookies_in_use.pkt | 9 | ||||
-rw-r--r-- | test/packetdrill/sanity_test.pkt | 7 | ||||
-rw-r--r-- | test/packetdrill/tcp_defer_accept.pkt | 48 | ||||
-rw-r--r-- | test/packetdrill/tcp_defer_accept_timeout.pkt | 48 |
15 files changed, 0 insertions, 701 deletions
diff --git a/test/packetdrill/BUILD b/test/packetdrill/BUILD deleted file mode 100644 index fb0b2db41..000000000 --- a/test/packetdrill/BUILD +++ /dev/null @@ -1,48 +0,0 @@ -load("defs.bzl", "packetdrill_linux_test", "packetdrill_netstack_test", "packetdrill_test") - -package(licenses = ["notice"]) - -packetdrill_test( - name = "packetdrill_sanity_test", - scripts = ["sanity_test.pkt"], -) - -packetdrill_test( - name = "accept_ack_drop_test", - scripts = ["accept_ack_drop.pkt"], -) - -packetdrill_test( - name = "fin_wait2_timeout_test", - scripts = ["fin_wait2_timeout.pkt"], -) - -packetdrill_linux_test( - name = "tcp_user_timeout_test_linux_test", - scripts = ["linux/tcp_user_timeout.pkt"], -) - -packetdrill_netstack_test( - name = "tcp_user_timeout_test_netstack_test", - scripts = ["netstack/tcp_user_timeout.pkt"], -) - -packetdrill_test( - name = "listen_close_before_handshake_complete_test", - scripts = ["listen_close_before_handshake_complete.pkt"], -) - -packetdrill_test( - name = "no_rst_to_rst_test", - scripts = ["no_rst_to_rst.pkt"], -) - -packetdrill_test( - name = "tcp_defer_accept_test", - scripts = ["tcp_defer_accept.pkt"], -) - -packetdrill_test( - name = "tcp_defer_accept_timeout_test", - scripts = ["tcp_defer_accept_timeout.pkt"], -) diff --git a/test/packetdrill/Dockerfile b/test/packetdrill/Dockerfile deleted file mode 100644 index 4b75e9527..000000000 --- a/test/packetdrill/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM ubuntu:bionic - -RUN apt-get update && apt-get install -y net-tools git iptables iputils-ping \ - netcat tcpdump jq tar bison flex make -RUN hash -r -RUN git clone --branch packetdrill-v2.0 \ - https://github.com/google/packetdrill.git -RUN cd packetdrill/gtests/net/packetdrill && ./configure && make -CMD /bin/bash diff --git a/test/packetdrill/accept_ack_drop.pkt b/test/packetdrill/accept_ack_drop.pkt deleted file mode 100644 index 76e638fd4..000000000 --- a/test/packetdrill/accept_ack_drop.pkt +++ /dev/null @@ -1,27 +0,0 @@ -// Test that the accept works if the final ACK is dropped and an ack with data -// follows the dropped ack. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -// Set backlog to 1 so that we can easily test. -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0.0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0.0 > S. 0:0(0) ack 1 <...> - -+0.0 < . 1:5(4) ack 1 win 257 -+0.0 > . 1:1(0) ack 5 <...> - -// This should cause connection to transition to connected state. -+0.000 accept(3, ..., ...) = 4 -+0.000 fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 - -// Now read the data and we should get 4 bytes. -+0.000 read(4,..., 4) = 4 -+0.000 close(4) = 0 - -+0.0 > F. 1:1(0) ack 5 <...> -+0.0 < F. 5:5(0) ack 2 win 257 -+0.01 > . 2:2(0) ack 6 <...>
\ No newline at end of file diff --git a/test/packetdrill/defs.bzl b/test/packetdrill/defs.bzl deleted file mode 100644 index f499c177b..000000000 --- a/test/packetdrill/defs.bzl +++ /dev/null @@ -1,87 +0,0 @@ -"""Defines a rule for packetdrill test targets.""" - -def _packetdrill_test_impl(ctx): - test_runner = ctx.executable._test_runner - runner = ctx.actions.declare_file("%s-runner" % ctx.label.name) - - script_paths = [] - for script in ctx.files.scripts: - script_paths.append(script.short_path) - runner_content = "\n".join([ - "#!/bin/bash", - # This test will run part in a distinct user namespace. This can cause - # permission problems, because all runfiles may not be owned by the - # current user, and no other users will be mapped in that namespace. - # Make sure that everything is readable here. - "find . -type f -exec chmod a+rx {} \\;", - "find . -type d -exec chmod a+rx {} \\;", - "%s %s --init_script %s $@ -- %s\n" % ( - test_runner.short_path, - " ".join(ctx.attr.flags), - ctx.files._init_script[0].short_path, - " ".join(script_paths), - ), - ]) - ctx.actions.write(runner, runner_content, is_executable = True) - - transitive_files = depset() - if hasattr(ctx.attr._test_runner, "data_runfiles"): - transitive_files = depset(ctx.attr._test_runner.data_runfiles.files) - runfiles = ctx.runfiles( - files = [test_runner] + ctx.files._init_script + ctx.files.scripts, - transitive_files = transitive_files, - collect_default = True, - collect_data = True, - ) - return [DefaultInfo(executable = runner, runfiles = runfiles)] - -_packetdrill_test = rule( - attrs = { - "_test_runner": attr.label( - executable = True, - cfg = "host", - allow_files = True, - default = "packetdrill_test.sh", - ), - "_init_script": attr.label( - allow_single_file = True, - default = "packetdrill_setup.sh", - ), - "flags": attr.string_list( - mandatory = False, - default = [], - ), - "scripts": attr.label_list( - mandatory = True, - allow_files = True, - ), - }, - test = True, - implementation = _packetdrill_test_impl, -) - -_PACKETDRILL_TAGS = ["local", "manual"] - -def packetdrill_linux_test(name, **kwargs): - if "tags" not in kwargs: - kwargs["tags"] = _PACKETDRILL_TAGS - _packetdrill_test( - name = name, - flags = ["--dut_platform", "linux"], - **kwargs - ) - -def packetdrill_netstack_test(name, **kwargs): - if "tags" not in kwargs: - kwargs["tags"] = _PACKETDRILL_TAGS - _packetdrill_test( - name = name, - # This is the default runtime unless - # "--test_arg=--runtime=OTHER_RUNTIME" is used to override the value. - flags = ["--dut_platform", "netstack", "--runtime", "runsc-d"], - **kwargs - ) - -def packetdrill_test(name, **kwargs): - packetdrill_linux_test(name + "_linux_test", **kwargs) - packetdrill_netstack_test(name + "_netstack_test", **kwargs) diff --git a/test/packetdrill/fin_wait2_timeout.pkt b/test/packetdrill/fin_wait2_timeout.pkt deleted file mode 100644 index 613f0bec9..000000000 --- a/test/packetdrill/fin_wait2_timeout.pkt +++ /dev/null @@ -1,23 +0,0 @@ -// Test that a socket in FIN_WAIT_2 eventually times out and a subsequent -// packet generates a RST. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0 > S. 0:0(0) ack 1 <...> -+0 < P. 1:1(0) ack 1 win 257 - -+0.100 accept(3, ..., ...) = 4 -// set FIN_WAIT2 timeout to 1 seconds. -+0.100 setsockopt(4, SOL_TCP, TCP_LINGER2, [1], 4) = 0 -+0 close(4) = 0 - -+0 > F. 1:1(0) ack 1 <...> -+0 < . 1:1(0) ack 2 win 257 - -+1.1 < . 1:1(0) ack 2 win 257 -+0 > R 2:2(0) win 0 diff --git a/test/packetdrill/linux/tcp_user_timeout.pkt b/test/packetdrill/linux/tcp_user_timeout.pkt deleted file mode 100644 index 38018cb42..000000000 --- a/test/packetdrill/linux/tcp_user_timeout.pkt +++ /dev/null @@ -1,39 +0,0 @@ -// Test that a socket w/ TCP_USER_TIMEOUT set aborts the connection -// if there is pending unacked data after the user specified timeout. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0 > S. 0:0(0) ack 1 <...> -+0.1 < . 1:1(0) ack 1 win 32792 - -+0.100 accept(3, ..., ...) = 4 - -// Okay, we received nothing, and decide to close this idle socket. -// We set TCP_USER_TIMEOUT to 3 seconds because really it is not worth -// trying hard to cleanly close this flow, at the price of keeping -// a TCP structure in kernel for about 1 minute! -+2 setsockopt(4, SOL_TCP, TCP_USER_TIMEOUT, [3000], 4) = 0 - -// The write/ack is required mainly for netstack as netstack does -// not update its RTO during the handshake. -+0 write(4, ..., 100) = 100 -+0 > P. 1:101(100) ack 1 <...> -+0 < . 1:1(0) ack 101 win 32792 - -+0 close(4) = 0 - -+0 > F. 101:101(0) ack 1 <...> -+.3~+.400 > F. 101:101(0) ack 1 <...> -+.3~+.400 > F. 101:101(0) ack 1 <...> -+.6~+.800 > F. 101:101(0) ack 1 <...> -+1.2~+1.300 > F. 101:101(0) ack 1 <...> - -// We finally receive something from the peer, but it is way too late -// Our socket vanished because TCP_USER_TIMEOUT was really small. -+.1 < . 1:2(1) ack 102 win 32792 -+0 > R 102:102(0) win 0 diff --git a/test/packetdrill/listen_close_before_handshake_complete.pkt b/test/packetdrill/listen_close_before_handshake_complete.pkt deleted file mode 100644 index 51c3f1a32..000000000 --- a/test/packetdrill/listen_close_before_handshake_complete.pkt +++ /dev/null @@ -1,31 +0,0 @@ -// Test that closing a listening socket closes any connections in SYN-RCVD -// state and any packets bound for these connections generate a RESET. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -// Set backlog to 1 so that we can easily test. -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0 > S. 0:0(0) ack 1 <...> - -+0.100 close(3) = 0 -+0.1 < P. 1:1(0) ack 1 win 257 - -// Linux generates a reset with no ack number/bit set. This is contradictory to -// what is specified in Rule 1 under Reset Generation in -// https://tools.ietf.org/html/rfc793#section-3.4. -// "1. If the connection does not exist (CLOSED) then a reset is sent -// in response to any incoming segment except another reset. In -// particular, SYNs addressed to a non-existent connection are rejected -// by this means. -// -// If the incoming segment has an ACK field, the reset takes its -// sequence number from the ACK field of the segment, otherwise the -// reset has sequence number zero and the ACK field is set to the sum -// of the sequence number and segment length of the incoming segment. -// The connection remains in the CLOSED state." - -+0.0 > R 1:1(0) win 0
\ No newline at end of file diff --git a/test/packetdrill/netstack/tcp_user_timeout.pkt b/test/packetdrill/netstack/tcp_user_timeout.pkt deleted file mode 100644 index 60103adba..000000000 --- a/test/packetdrill/netstack/tcp_user_timeout.pkt +++ /dev/null @@ -1,38 +0,0 @@ -// Test that a socket w/ TCP_USER_TIMEOUT set aborts the connection -// if there is pending unacked data after the user specified timeout. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0 > S. 0:0(0) ack 1 <...> -+0.1 < . 1:1(0) ack 1 win 32792 - -+0.100 accept(3, ..., ...) = 4 - -// Okay, we received nothing, and decide to close this idle socket. -// We set TCP_USER_TIMEOUT to 3 seconds because really it is not worth -// trying hard to cleanly close this flow, at the price of keeping -// a TCP structure in kernel for about 1 minute! -+2 setsockopt(4, SOL_TCP, TCP_USER_TIMEOUT, [3000], 4) = 0 - -// The write/ack is required mainly for netstack as netstack does -// not update its RTO during the handshake. -+0 write(4, ..., 100) = 100 -+0 > P. 1:101(100) ack 1 <...> -+0 < . 1:1(0) ack 101 win 32792 - -+0 close(4) = 0 - -+0 > F. 101:101(0) ack 1 <...> -+.2~+.300 > F. 101:101(0) ack 1 <...> -+.4~+.500 > F. 101:101(0) ack 1 <...> -+.8~+.900 > F. 101:101(0) ack 1 <...> - -// We finally receive something from the peer, but it is way too late -// Our socket vanished because TCP_USER_TIMEOUT was really small. -+1.61 < . 1:2(1) ack 102 win 32792 -+0 > R 102:102(0) win 0 diff --git a/test/packetdrill/no_rst_to_rst.pkt b/test/packetdrill/no_rst_to_rst.pkt deleted file mode 100644 index 612747827..000000000 --- a/test/packetdrill/no_rst_to_rst.pkt +++ /dev/null @@ -1,36 +0,0 @@ -// Test a RST is not generated in response to a RST and a RST is correctly -// generated when an accepted endpoint is RST due to an incoming RST. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0 > S. 0:0(0) ack 1 <...> -+0 < P. 1:1(0) ack 1 win 257 - -+0.100 accept(3, ..., ...) = 4 - -+0.200 < R 1:1(0) win 0 - -+0.300 read(4,..., 4) = -1 ECONNRESET (Connection Reset by Peer) - -+0.00 < . 1:1(0) ack 1 win 257 - -// Linux generates a reset with no ack number/bit set. This is contradictory to -// what is specified in Rule 1 under Reset Generation in -// https://tools.ietf.org/html/rfc793#section-3.4. -// "1. If the connection does not exist (CLOSED) then a reset is sent -// in response to any incoming segment except another reset. In -// particular, SYNs addressed to a non-existent connection are rejected -// by this means. -// -// If the incoming segment has an ACK field, the reset takes its -// sequence number from the ACK field of the segment, otherwise the -// reset has sequence number zero and the ACK field is set to the sum -// of the sequence number and segment length of the incoming segment. -// The connection remains in the CLOSED state." - -+0.00 > R 1:1(0) win 0
\ No newline at end of file diff --git a/test/packetdrill/packetdrill_setup.sh b/test/packetdrill/packetdrill_setup.sh deleted file mode 100755 index b858072f0..000000000 --- a/test/packetdrill/packetdrill_setup.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -# Copyright 2018 The gVisor Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script runs both within the sentry context and natively. It should tweak -# TCP parameters to match expectations found in the script files. -sysctl -q net.ipv4.tcp_sack=1 -sysctl -q net.ipv4.tcp_rmem="4096 2097152 $((8*1024*1024))" -sysctl -q net.ipv4.tcp_wmem="4096 2097152 $((8*1024*1024))" - -# There may be errors from the above, but they will show up in the test logs and -# we always want to proceed from this point. It's possible that values were -# already set correctly and the nodes were not available in the namespace. -exit 0 diff --git a/test/packetdrill/packetdrill_test.sh b/test/packetdrill/packetdrill_test.sh deleted file mode 100755 index c8268170f..000000000 --- a/test/packetdrill/packetdrill_test.sh +++ /dev/null @@ -1,225 +0,0 @@ -#!/bin/bash - -# Copyright 2020 The gVisor Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Run a packetdrill test. Two docker containers are made, one for the -# Device-Under-Test (DUT) and one for the test runner. Each is attached with -# two networks, one for control packets that aid the test and one for test -# packets which are sent as part of the test and observed for correctness. - -set -euxo pipefail - -function failure() { - local lineno=$1 - local msg=$2 - local filename="$0" - echo "FAIL: $filename:$lineno: $msg" -} -trap 'failure ${LINENO} "$BASH_COMMAND"' ERR - -declare -r LONGOPTS="dut_platform:,init_script:,runtime:" - -# Don't use declare below so that the error from getopt will end the script. -PARSED=$(getopt --options "" --longoptions=$LONGOPTS --name "$0" -- "$@") - -eval set -- "$PARSED" - -while true; do - case "$1" in - --dut_platform) - # Either "linux" or "netstack". - declare -r DUT_PLATFORM="$2" - shift 2 - ;; - --init_script) - declare -r INIT_SCRIPT="$2" - shift 2 - ;; - --runtime) - # Not readonly because there might be multiple --runtime arguments and we - # want to use just the last one. Only used if --dut_platform is - # "netstack". - declare RUNTIME="$2" - shift 2 - ;; - --) - shift - break - ;; - *) - echo "Programming error" - exit 3 - esac -done - -# All the other arguments are scripts. -declare -r scripts="$@" - -# Check that the required flags are defined in a way that is safe for "set -u". -if [[ "${DUT_PLATFORM-}" == "netstack" ]]; then - if [[ -z "${RUNTIME-}" ]]; then - echo "FAIL: Missing --runtime argument: ${RUNTIME-}" - exit 2 - fi - declare -r RUNTIME_ARG="--runtime ${RUNTIME}" -elif [[ "${DUT_PLATFORM-}" == "linux" ]]; then - declare -r RUNTIME_ARG="" -else - echo "FAIL: Bad or missing --dut_platform argument: ${DUT_PLATFORM-}" - exit 2 -fi -if [[ ! -x "${INIT_SCRIPT-}" ]]; then - echo "FAIL: Bad or missing --init_script: ${INIT_SCRIPT-}" - exit 2 -fi - -# Variables specific to the control network and interface start with CTRL_. -# Variables specific to the test network and interface start with TEST_. -# Variables specific to the DUT start with DUT_. -# Variables specific to the test runner start with TEST_RUNNER_. -declare -r PACKETDRILL="/packetdrill/gtests/net/packetdrill/packetdrill" -# Use random numbers so that test networks don't collide. -declare -r CTRL_NET="ctrl_net-$(shuf -i 0-99999999 -n 1)" -declare -r TEST_NET="test_net-$(shuf -i 0-99999999 -n 1)" -declare -r tolerance_usecs=100000 -# On both DUT and test runner, testing packets are on the eth2 interface. -declare -r TEST_DEVICE="eth2" -# Number of bits in the *_NET_PREFIX variables. -declare -r NET_MASK="24" -function new_net_prefix() { - # Class C, 192.0.0.0 to 223.255.255.255, transitionally has mask 24. - echo "$(shuf -i 192-223 -n 1).$(shuf -i 0-255 -n 1).$(shuf -i 0-255 -n 1)" -} -# Last bits of the DUT's IP address. -declare -r DUT_NET_SUFFIX=".10" -# Control port. -declare -r CTRL_PORT="40000" -# Last bits of the test runner's IP address. -declare -r TEST_RUNNER_NET_SUFFIX=".20" -declare -r TIMEOUT="60" -declare -r IMAGE_TAG="gcr.io/gvisor-presubmit/packetdrill" - -# Make sure that docker is installed. -docker --version - -function finish { - local cleanup_success=1 - for net in "${CTRL_NET}" "${TEST_NET}"; do - # Kill all processes attached to ${net}. - for docker_command in "kill" "rm"; do - (docker network inspect "${net}" \ - --format '{{range $key, $value := .Containers}}{{$key}} {{end}}' \ - | xargs -r docker "${docker_command}") || \ - cleanup_success=0 - done - # Remove the network. - docker network rm "${net}" || \ - cleanup_success=0 - done - - if ((!$cleanup_success)); then - echo "FAIL: Cleanup command failed" - exit 4 - fi -} -trap finish EXIT - -# Subnet for control packets between test runner and DUT. -declare CTRL_NET_PREFIX=$(new_net_prefix) -while ! docker network create \ - "--subnet=${CTRL_NET_PREFIX}.0/${NET_MASK}" "${CTRL_NET}"; do - sleep 0.1 - declare CTRL_NET_PREFIX=$(new_net_prefix) -done - -# Subnet for the packets that are part of the test. -declare TEST_NET_PREFIX=$(new_net_prefix) -while ! docker network create \ - "--subnet=${TEST_NET_PREFIX}.0/${NET_MASK}" "${TEST_NET}"; do - sleep 0.1 - declare TEST_NET_PREFIX=$(new_net_prefix) -done - -docker pull "${IMAGE_TAG}" - -# Create the DUT container and connect to network. -DUT=$(docker create ${RUNTIME_ARG} --privileged --rm \ - --stop-timeout ${TIMEOUT} -it ${IMAGE_TAG}) -docker network connect "${CTRL_NET}" \ - --ip "${CTRL_NET_PREFIX}${DUT_NET_SUFFIX}" "${DUT}" \ - || (docker kill ${DUT}; docker rm ${DUT}; false) -docker network connect "${TEST_NET}" \ - --ip "${TEST_NET_PREFIX}${DUT_NET_SUFFIX}" "${DUT}" \ - || (docker kill ${DUT}; docker rm ${DUT}; false) -docker start "${DUT}" - -# Create the test runner container and connect to network. -TEST_RUNNER=$(docker create --privileged --rm \ - --stop-timeout ${TIMEOUT} -it ${IMAGE_TAG}) -docker network connect "${CTRL_NET}" \ - --ip "${CTRL_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" "${TEST_RUNNER}" \ - || (docker kill ${TEST_RUNNER}; docker rm ${REST_RUNNER}; false) -docker network connect "${TEST_NET}" \ - --ip "${TEST_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" "${TEST_RUNNER}" \ - || (docker kill ${TEST_RUNNER}; docker rm ${REST_RUNNER}; false) -docker start "${TEST_RUNNER}" - -# Run tcpdump in the test runner unbuffered, without dns resolution, just on the -# interface with the test packets. -docker exec -t ${TEST_RUNNER} tcpdump -U -n -i "${TEST_DEVICE}" & - -# Start a packetdrill server on the test_runner. The packetdrill server sends -# packets and asserts that they are received. -docker exec -d "${TEST_RUNNER}" \ - ${PACKETDRILL} --wire_server --wire_server_dev="${TEST_DEVICE}" \ - --wire_server_ip="${CTRL_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" \ - --wire_server_port="${CTRL_PORT}" \ - --local_ip="${TEST_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" \ - --remote_ip="${TEST_NET_PREFIX}${DUT_NET_SUFFIX}" - -# Because the Linux kernel receives the SYN-ACK but didn't send the SYN it will -# issue a RST. To prevent this IPtables can be used to filter those out. -docker exec "${TEST_RUNNER}" \ - iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP - -# Wait for the packetdrill server on the test runner to come. Attempt to -# connect to it from the DUT every 100 milliseconds until success. -while ! docker exec "${DUT}" \ - nc -zv "${CTRL_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" "${CTRL_PORT}"; do - sleep 0.1 -done - -# Copy the packetdrill setup script to the DUT. -docker cp -L "${INIT_SCRIPT}" "${DUT}:packetdrill_setup.sh" - -# Copy the packetdrill scripts to the DUT. -declare -a dut_scripts -for script in $scripts; do - docker cp -L "${script}" "${DUT}:$(basename ${script})" - dut_scripts+=("/$(basename ${script})") -done - -# Start a packetdrill client on the DUT. The packetdrill client runs POSIX -# socket commands and also sends instructions to the server. -docker exec -t "${DUT}" \ - ${PACKETDRILL} --wire_client --wire_client_dev="${TEST_DEVICE}" \ - --wire_server_ip="${CTRL_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" \ - --wire_server_port="${CTRL_PORT}" \ - --local_ip="${TEST_NET_PREFIX}${DUT_NET_SUFFIX}" \ - --remote_ip="${TEST_NET_PREFIX}${TEST_RUNNER_NET_SUFFIX}" \ - --init_scripts=/packetdrill_setup.sh \ - --tolerance_usecs="${tolerance_usecs}" "${dut_scripts[@]}" - -echo PASS: No errors. diff --git a/test/packetdrill/reset_for_ack_when_no_syn_cookies_in_use.pkt b/test/packetdrill/reset_for_ack_when_no_syn_cookies_in_use.pkt deleted file mode 100644 index a86b90ce6..000000000 --- a/test/packetdrill/reset_for_ack_when_no_syn_cookies_in_use.pkt +++ /dev/null @@ -1,9 +0,0 @@ -// Test that a listening socket generates a RST when it receives an -// ACK and syn cookies are not in use. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 bind(3, ..., ...) = 0 - -+0 listen(3, 1) = 0 -+0.1 < . 1:1(0) ack 1 win 32792 -+0 > R 1:1(0) ack 0 win 0
\ No newline at end of file diff --git a/test/packetdrill/sanity_test.pkt b/test/packetdrill/sanity_test.pkt deleted file mode 100644 index b3b58c366..000000000 --- a/test/packetdrill/sanity_test.pkt +++ /dev/null @@ -1,7 +0,0 @@ -// Basic sanity test. One system call. -// -// All of the plumbing has to be working however, and the packetdrill wire -// client needs to be able to connect to the wire server and send the script, -// probe local interfaces, run through the test w/ timings, etc. - -0.000 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 diff --git a/test/packetdrill/tcp_defer_accept.pkt b/test/packetdrill/tcp_defer_accept.pkt deleted file mode 100644 index a17f946db..000000000 --- a/test/packetdrill/tcp_defer_accept.pkt +++ /dev/null @@ -1,48 +0,0 @@ -// Test that a bare ACK does not complete a connection when TCP_DEFER_ACCEPT -// timeout is not hit but an ACK w/ data does complete and deliver the -// connection to the accept queue. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 setsockopt(3, SOL_TCP, TCP_DEFER_ACCEPT, [5], 4) = 0 -+0.000 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 -+0 bind(3, ..., ...) = 0 - -// Set backlog to 1 so that we can easily test. -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0.0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0.0 > S. 0:0(0) ack 1 <...> - -// Send a bare ACK this should not complete the connection as we -// set the TCP_DEFER_ACCEPT above. -+0.0 < . 1:1(0) ack 1 win 257 - -// The bare ACK should be dropped and no connection should be delivered -// to the accept queue. -+0.100 accept(3, ..., ...) = -1 EWOULDBLOCK (operation would block) - -// Send another bare ACK and it should still fail we set TCP_DEFER_ACCEPT -// to 5 seconds above. -+2.5 < . 1:1(0) ack 1 win 257 -+0.100 accept(3, ..., ...) = -1 EWOULDBLOCK (operation would block) - -// set accept socket back to blocking. -+0.000 fcntl(3, F_SETFL, O_RDWR) = 0 - -// Now send an ACK w/ data. This should complete the connection -// and deliver the socket to the accept queue. -+0.1 < . 1:5(4) ack 1 win 257 -+0.0 > . 1:1(0) ack 5 <...> - -// This should cause connection to transition to connected state. -+0.000 accept(3, ..., ...) = 4 -+0.000 fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 - -// Now read the data and we should get 4 bytes. -+0.000 read(4,..., 4) = 4 -+0.000 close(4) = 0 - -+0.0 > F. 1:1(0) ack 5 <...> -+0.0 < F. 5:5(0) ack 2 win 257 -+0.01 > . 2:2(0) ack 6 <...>
\ No newline at end of file diff --git a/test/packetdrill/tcp_defer_accept_timeout.pkt b/test/packetdrill/tcp_defer_accept_timeout.pkt deleted file mode 100644 index 201fdeb14..000000000 --- a/test/packetdrill/tcp_defer_accept_timeout.pkt +++ /dev/null @@ -1,48 +0,0 @@ -// Test that a bare ACK is accepted after TCP_DEFER_ACCEPT timeout -// is hit and a connection is delivered. - -0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3 -+0 setsockopt(3, SOL_TCP, TCP_DEFER_ACCEPT, [3], 4) = 0 -+0.000 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 -+0 bind(3, ..., ...) = 0 - -// Set backlog to 1 so that we can easily test. -+0 listen(3, 1) = 0 - -// Establish a connection without timestamps. -+0.0 < S 0:0(0) win 32792 <mss 1460,sackOK,nop,nop,nop,wscale 7> -+0.0 > S. 0:0(0) ack 1 <...> - -// Send a bare ACK this should not complete the connection as we -// set the TCP_DEFER_ACCEPT above. -+0.0 < . 1:1(0) ack 1 win 257 - -// The bare ACK should be dropped and no connection should be delivered -// to the accept queue. -+0.100 accept(3, ..., ...) = -1 EWOULDBLOCK (operation would block) - -// Send another bare ACK and it should still fail we set TCP_DEFER_ACCEPT -// to 5 seconds above. -+2.5 < . 1:1(0) ack 1 win 257 -+0.100 accept(3, ..., ...) = -1 EWOULDBLOCK (operation would block) - -// set accept socket back to blocking. -+0.000 fcntl(3, F_SETFL, O_RDWR) = 0 - -// We should see one more retransmit of the SYN-ACK as a last ditch -// attempt when TCP_DEFER_ACCEPT timeout is hit to trigger another -// ACK or a packet with data. -+.35~+2.35 > S. 0:0(0) ack 1 <...> - -// Now send another bare ACK after TCP_DEFER_ACCEPT time has been passed. -+0.0 < . 1:1(0) ack 1 win 257 - -// The ACK above should cause connection to transition to connected state. -+0.000 accept(3, ..., ...) = 4 -+0.000 fcntl(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 - -+0.000 close(4) = 0 - -+0.0 > F. 1:1(0) ack 1 <...> -+0.0 < F. 1:1(0) ack 2 win 257 -+0.01 > . 2:2(0) ack 2 <...> |