summaryrefslogtreecommitdiffhomepage
path: root/test/syscalls
diff options
context:
space:
mode:
Diffstat (limited to 'test/syscalls')
-rw-r--r--test/syscalls/linux/tuntap.cc137
1 files changed, 106 insertions, 31 deletions
diff --git a/test/syscalls/linux/tuntap.cc b/test/syscalls/linux/tuntap.cc
index 538652183..13ed0d68a 100644
--- a/test/syscalls/linux/tuntap.cc
+++ b/test/syscalls/linux/tuntap.cc
@@ -19,6 +19,7 @@
#include <linux/if_tun.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
+#include <poll.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/types.h>
@@ -44,6 +45,9 @@ constexpr int kIPLen = 4;
constexpr const char kDevNetTun[] = "/dev/net/tun";
constexpr const char kTapName[] = "tap0";
+#define kTapIPAddr htonl(0x0a000001) /* Inet 10.0.0.1 */
+#define kTapPeerIPAddr htonl(0x0a000002) /* Inet 10.0.0.2 */
+
constexpr const uint8_t kMacA[ETH_ALEN] = {0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA};
constexpr const uint8_t kMacB[ETH_ALEN] = {0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB};
@@ -79,8 +83,9 @@ struct ping_pkt {
char payload[64];
} __attribute__((packed));
-ping_pkt CreatePingPacket(const uint8_t srcmac[ETH_ALEN], const char* srcip,
- const uint8_t dstmac[ETH_ALEN], const char* dstip) {
+ping_pkt CreatePingPacket(const uint8_t srcmac[ETH_ALEN], const in_addr_t srcip,
+ const uint8_t dstmac[ETH_ALEN],
+ const in_addr_t dstip) {
ping_pkt pkt = {};
pkt.pi.pi_protocol = htons(ETH_P_IP);
@@ -98,8 +103,8 @@ ping_pkt CreatePingPacket(const uint8_t srcmac[ETH_ALEN], const char* srcip,
pkt.ip.frag_off = 1 << 6; // Do not fragment
pkt.ip.ttl = 64;
pkt.ip.protocol = IPPROTO_ICMP;
- inet_pton(AF_INET, dstip, &pkt.ip.daddr);
- inet_pton(AF_INET, srcip, &pkt.ip.saddr);
+ pkt.ip.daddr = dstip;
+ pkt.ip.saddr = srcip;
pkt.ip.check = IPChecksum(pkt.ip);
pkt.icmp.type = ICMP_ECHO;
@@ -124,8 +129,10 @@ struct arp_pkt {
uint8_t arp_tpa[kIPLen];
} __attribute__((packed));
-std::string CreateArpPacket(const uint8_t srcmac[ETH_ALEN], const char* srcip,
- const uint8_t dstmac[ETH_ALEN], const char* dstip) {
+std::string CreateArpPacket(const uint8_t srcmac[ETH_ALEN],
+ const in_addr_t srcip,
+ const uint8_t dstmac[ETH_ALEN],
+ const in_addr_t dstip) {
std::string buffer;
buffer.resize(sizeof(arp_pkt));
@@ -144,9 +151,9 @@ std::string CreateArpPacket(const uint8_t srcmac[ETH_ALEN], const char* srcip,
pkt->arp.ar_op = htons(ARPOP_REPLY);
memcpy(pkt->arp_sha, srcmac, sizeof(pkt->arp_sha));
- inet_pton(AF_INET, srcip, pkt->arp_spa);
+ memcpy(pkt->arp_spa, &srcip, sizeof(pkt->arp_spa));
memcpy(pkt->arp_tha, dstmac, sizeof(pkt->arp_tha));
- inet_pton(AF_INET, dstip, pkt->arp_tpa);
+ memcpy(pkt->arp_tpa, &dstip, sizeof(pkt->arp_tpa));
}
return buffer;
}
@@ -165,6 +172,16 @@ class TuntapTest : public ::testing::Test {
void SetUp() override {
have_net_admin_cap_ =
ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN));
+
+ if (have_net_admin_cap_ && !IsRunningOnGvisor()) {
+ // gVisor always creates enabled/up'd interfaces, while Linux does not (as
+ // observed in b/110961832). Some of the tests require the Linux stack to
+ // notify the socket of any link-address-resolution failures. Those
+ // notifications do not seem to show up when the loopback interface in the
+ // namespace is down.
+ auto link = ASSERT_NO_ERRNO_AND_VALUE(GetLinkByName("lo"));
+ ASSERT_NO_ERRNO(LinkChangeFlags(link.index, IFF_UP, IFF_UP));
+ }
}
void TearDown() override {
@@ -263,8 +280,8 @@ TEST_F(TuntapTest, WriteToDownDevice) {
EXPECT_THAT(write(fd.get(), buf, sizeof(buf)), SyscallFailsWithErrno(EIO));
}
-PosixErrorOr<FileDescriptor> OpenAndAttachTap(
- const std::string& dev_name, const std::string& dev_ipv4_addr) {
+PosixErrorOr<FileDescriptor> OpenAndAttachTap(const std::string& dev_name,
+ const in_addr_t dev_addr) {
// Interface creation.
ASSIGN_OR_RETURN_ERRNO(FileDescriptor fd, Open(kDevNetTun, O_RDWR));
@@ -277,11 +294,10 @@ PosixErrorOr<FileDescriptor> OpenAndAttachTap(
ASSIGN_OR_RETURN_ERRNO(auto link, GetLinkByName(dev_name));
+ const struct in_addr dev_ipv4_addr = {.s_addr = dev_addr};
// Interface setup.
- struct in_addr addr;
- inet_pton(AF_INET, dev_ipv4_addr.c_str(), &addr);
- EXPECT_NO_ERRNO(LinkAddLocalAddr(link.index, AF_INET, /*prefixlen=*/24, &addr,
- sizeof(addr)));
+ EXPECT_NO_ERRNO(LinkAddLocalAddr(link.index, AF_INET, /*prefixlen=*/24,
+ &dev_ipv4_addr, sizeof(dev_ipv4_addr)));
if (!IsRunningOnGvisor()) {
// FIXME(b/110961832): gVisor doesn't support setting MAC address on
@@ -313,9 +329,11 @@ TEST_F(TuntapTest, PingKernel) {
SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
FileDescriptor fd =
- ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, "10.0.0.1"));
- ping_pkt ping_req = CreatePingPacket(kMacB, "10.0.0.2", kMacA, "10.0.0.1");
- std::string arp_rep = CreateArpPacket(kMacB, "10.0.0.2", kMacA, "10.0.0.1");
+ ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, kTapIPAddr));
+ ping_pkt ping_req =
+ CreatePingPacket(kMacB, kTapPeerIPAddr, kMacA, kTapIPAddr);
+ std::string arp_rep =
+ CreateArpPacket(kMacB, kTapPeerIPAddr, kMacA, kTapIPAddr);
// Send ping, this would trigger an ARP request on Linux.
EXPECT_THAT(write(fd.get(), &ping_req, sizeof(ping_req)),
@@ -368,20 +386,20 @@ TEST_F(TuntapTest, SendUdpTriggersArpResolution) {
SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
FileDescriptor fd =
- ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, "10.0.0.1"));
+ ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, kTapIPAddr));
// Send a UDP packet to remote.
int sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_IP);
ASSERT_THAT(sock, SyscallSucceeds());
- struct sockaddr_in remote = {};
- remote.sin_family = AF_INET;
- remote.sin_port = htons(42);
- inet_pton(AF_INET, "10.0.0.2", &remote.sin_addr);
- int ret = sendto(sock, "hello", 5, 0, reinterpret_cast<sockaddr*>(&remote),
- sizeof(remote));
- ASSERT_THAT(ret, ::testing::AnyOf(SyscallSucceeds(),
- SyscallFailsWithErrno(EHOSTDOWN)));
+ struct sockaddr_in remote = {
+ .sin_family = AF_INET,
+ .sin_port = htons(42),
+ .sin_addr = {.s_addr = kTapPeerIPAddr},
+ };
+ ASSERT_THAT(sendto(sock, "hello", 5, 0, reinterpret_cast<sockaddr*>(&remote),
+ sizeof(remote)),
+ SyscallSucceeds());
struct inpkt {
union {
@@ -407,21 +425,78 @@ TEST_F(TuntapTest, SendUdpTriggersArpResolution) {
}
}
+// TCPBlockingConnectFailsArpResolution tests for TCP connect to fail on link
+// address resolution failure to a routable, but non existent peer.
+TEST_F(TuntapTest, TCPBlockingConnectFailsArpResolution) {
+ SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
+
+ FileDescriptor sender =
+ ASSERT_NO_ERRNO_AND_VALUE(Socket(AF_INET, SOCK_STREAM, IPPROTO_TCP));
+
+ FileDescriptor fd =
+ ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, kTapIPAddr));
+
+ sockaddr_in connect_addr = {
+ .sin_family = AF_INET,
+ .sin_addr = {.s_addr = kTapPeerIPAddr},
+ };
+ ASSERT_THAT(connect(sender.get(),
+ reinterpret_cast<const struct sockaddr*>(&connect_addr),
+ sizeof(connect_addr)),
+ SyscallFailsWithErrno(EHOSTUNREACH));
+}
+
+// TCPNonBlockingConnectFailsArpResolution tests for TCP non-blocking connect to
+// to trigger an error event to be notified to poll on link address resolution
+// failure to a routable, but non existent peer.
+TEST_F(TuntapTest, TCPNonBlockingConnectFailsArpResolution) {
+ SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
+
+ FileDescriptor sender = ASSERT_NO_ERRNO_AND_VALUE(
+ Socket(AF_INET, SOCK_STREAM | SOCK_NONBLOCK, IPPROTO_TCP));
+
+ FileDescriptor fd =
+ ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, kTapIPAddr));
+
+ sockaddr_in connect_addr = {
+ .sin_family = AF_INET,
+ .sin_addr = {.s_addr = kTapPeerIPAddr},
+ };
+ ASSERT_THAT(connect(sender.get(),
+ reinterpret_cast<const struct sockaddr*>(&connect_addr),
+ sizeof(connect_addr)),
+ SyscallFailsWithErrno(EINPROGRESS));
+
+ constexpr int kTimeout = 10000;
+ struct pollfd pfd = {
+ .fd = sender.get(),
+ .events = POLLIN | POLLOUT,
+ };
+ ASSERT_THAT(poll(&pfd, 1, kTimeout), SyscallSucceedsWithValue(1));
+ ASSERT_EQ(pfd.revents, POLLIN | POLLOUT | POLLHUP | POLLERR);
+
+ ASSERT_THAT(connect(sender.get(),
+ reinterpret_cast<const struct sockaddr*>(&connect_addr),
+ sizeof(connect_addr)),
+ SyscallFailsWithErrno(EHOSTUNREACH));
+}
+
// Write hang bug found by syskaller: b/155928773
// https://syzkaller.appspot.com/bug?id=065b893bd8d1d04a4e0a1d53c578537cde1efe99
TEST_F(TuntapTest, WriteHangBug155928773) {
SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_NET_ADMIN)));
FileDescriptor fd =
- ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, "10.0.0.1"));
+ ASSERT_NO_ERRNO_AND_VALUE(OpenAndAttachTap(kTapName, kTapIPAddr));
int sock = socket(AF_INET, SOCK_DGRAM, 0);
ASSERT_THAT(sock, SyscallSucceeds());
- struct sockaddr_in remote = {};
- remote.sin_family = AF_INET;
- remote.sin_port = htons(42);
- inet_pton(AF_INET, "10.0.0.1", &remote.sin_addr);
+ struct sockaddr_in remote = {
+ .sin_family = AF_INET,
+ .sin_port = htons(42),
+ .sin_addr = {.s_addr = kTapIPAddr},
+ };
// Return values do not matter in this test.
connect(sock, reinterpret_cast<struct sockaddr*>(&remote), sizeof(remote));
write(sock, "hello", 5);