Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / 45e854c068ad352b335c4052e4d39a01b61ee3ed / . / patchpanel / datapath_test.cc
blob: b5120115ed5dc4ea671b8a5e519c0c3ae50f11cf [file] [log] [blame]
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]1// Copyright 2019 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]5#include "patchpanel/datapath.h"
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]6
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]7#include <linux/if_tun.h>
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]8#include <net/if.h>
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]9#include <sys/ioctl.h>
10
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]11#include <utility>
12#include <vector>
13
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]14#include <base/bind.h>
Qijiang Fane90b8792020-03-09 16:15:41 +0900[diff] [blame]15#include <base/bind_helpers.h>
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]16#include <base/strings/string_util.h>
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]17#include <gmock/gmock.h>
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]18#include <gtest/gtest.h>
19
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]20#include "patchpanel/net_util.h"
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]21
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]22using testing::_;
23using testing::ElementsAre;
24using testing::Return;
25using testing::StrEq;
26
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]27namespace patchpanel {
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]28namespace {
29
Hugo Benichi76675592020-04-08 14:29:57 +0900[diff] [blame]30// TODO(hugobenichi) Centralize this constant definition
31constexpr pid_t kTestPID = -2;
32
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]33std::vector<ioctl_req_t> ioctl_reqs;
34std::vector<std::pair<std::string, struct rtentry>> ioctl_rtentry_args;
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]35
36// Capture all ioctls and succeed.
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]37int ioctl_req_cap(int fd, ioctl_req_t req, ...) {
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]38 ioctl_reqs.push_back(req);
39 return 0;
40}
41
42// Capture ioctls for SIOCADDRT and SIOCDELRT and succeed.
43int ioctl_rtentry_cap(int fd, ioctl_req_t req, struct rtentry* arg) {
44 ioctl_reqs.push_back(req);
45 ioctl_rtentry_args.push_back({"", *arg});
46 // Copy the string poited by rtentry.rt_dev because Add/DeleteIPv4Route pass
47 // this value to ioctl() on the stack.
48 if (arg->rt_dev) {
49 auto& cap = ioctl_rtentry_args.back();
50 cap.first = std::string(arg->rt_dev);
51 cap.second.rt_dev = (char*)cap.first.c_str();
52 }
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]53 return 0;
54}
55
56} // namespace
57
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]58class MockProcessRunner : public MinijailedProcessRunner {
59 public:
60 MockProcessRunner() = default;
61 ~MockProcessRunner() = default;
62
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]63 MOCK_METHOD2(RestoreDefaultNamespace,
64 int(const std::string& ifname, pid_t pid));
65 MOCK_METHOD1(WriteSentinelToContainer, int(pid_t pid));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]66 MOCK_METHOD3(brctl,
67 int(const std::string& cmd,
68 const std::vector<std::string>& argv,
69 bool log_failures));
70 MOCK_METHOD4(chown,
71 int(const std::string& uid,
72 const std::string& gid,
73 const std::string& file,
74 bool log_failures));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]75 MOCK_METHOD4(ip,
76 int(const std::string& obj,
77 const std::string& cmd,
78 const std::vector<std::string>& args,
79 bool log_failures));
80 MOCK_METHOD4(ip6,
81 int(const std::string& obj,
82 const std::string& cmd,
83 const std::vector<std::string>& args,
84 bool log_failures));
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]85 MOCK_METHOD4(iptables,
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]86 int(const std::string& table,
87 const std::vector<std::string>& argv,
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]88 bool log_failures,
89 std::string* output));
90 MOCK_METHOD4(ip6tables,
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]91 int(const std::string& table,
92 const std::vector<std::string>& argv,
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]93 bool log_failures,
94 std::string* output));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]95 MOCK_METHOD2(modprobe_all,
96 int(const std::vector<std::string>& modules, bool log_failures));
97 MOCK_METHOD3(sysctl_w,
98 int(const std::string& key,
99 const std::string& value,
100 bool log_failures));
101};
102
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]103TEST(DatapathTest, AddTAP) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]104 MockProcessRunner runner;
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]105 Datapath datapath(&runner, ioctl_req_cap);
106 MacAddress mac = {1, 2, 3, 4, 5, 6};
Qijiang Fane90b8792020-03-09 16:15:41 +0900[diff] [blame]107 Subnet subnet(Ipv4Addr(100, 115, 92, 4), 30, base::DoNothing());
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]108 auto addr = subnet.AllocateAtOffset(0);
Garrick Evans4f9f5572019-11-26 10:25:16 +0900[diff] [blame]109 auto ifname = datapath.AddTAP("foo0", &mac, addr.get(), "");
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]110 EXPECT_EQ(ifname, "foo0");
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]111 std::vector<ioctl_req_t> expected = {
112 TUNSETIFF, TUNSETPERSIST, SIOCSIFADDR, SIOCSIFNETMASK,
113 SIOCSIFHWADDR, SIOCGIFFLAGS, SIOCSIFFLAGS};
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]114 EXPECT_EQ(ioctl_reqs, expected);
115 ioctl_reqs.clear();
116}
117
118TEST(DatapathTest, AddTAPWithOwner) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]119 MockProcessRunner runner;
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]120 Datapath datapath(&runner, ioctl_req_cap);
121 MacAddress mac = {1, 2, 3, 4, 5, 6};
Qijiang Fane90b8792020-03-09 16:15:41 +0900[diff] [blame]122 Subnet subnet(Ipv4Addr(100, 115, 92, 4), 30, base::DoNothing());
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]123 auto addr = subnet.AllocateAtOffset(0);
Garrick Evans4f9f5572019-11-26 10:25:16 +0900[diff] [blame]124 auto ifname = datapath.AddTAP("foo0", &mac, addr.get(), "root");
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]125 EXPECT_EQ(ifname, "foo0");
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]126 std::vector<ioctl_req_t> expected = {
127 TUNSETIFF, TUNSETPERSIST, TUNSETOWNER, SIOCSIFADDR,
128 SIOCSIFNETMASK, SIOCSIFHWADDR, SIOCGIFFLAGS, SIOCSIFFLAGS};
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]129 EXPECT_EQ(ioctl_reqs, expected);
130 ioctl_reqs.clear();
131}
132
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]133TEST(DatapathTest, AddTAPNoAddrs) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]134 MockProcessRunner runner;
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]135 Datapath datapath(&runner, ioctl_req_cap);
Garrick Evans4f9f5572019-11-26 10:25:16 +0900[diff] [blame]136 auto ifname = datapath.AddTAP("foo0", nullptr, nullptr, "");
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]137 EXPECT_EQ(ifname, "foo0");
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]138 std::vector<ioctl_req_t> expected = {TUNSETIFF, TUNSETPERSIST, SIOCGIFFLAGS,
139 SIOCSIFFLAGS};
Garrick Evans621ed262019-11-13 12:28:43 +0900[diff] [blame]140 EXPECT_EQ(ioctl_reqs, expected);
141 ioctl_reqs.clear();
142}
143
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]144TEST(DatapathTest, RemoveTAP) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]145 MockProcessRunner runner;
146 EXPECT_CALL(runner, ip(StrEq("tuntap"), StrEq("del"),
147 ElementsAre("foo0", "mode", "tap"), true));
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]148 Datapath datapath(&runner);
149 datapath.RemoveTAP("foo0");
Garrick Evansc7ae82c2019-09-04 16:25:10 +0900[diff] [blame]150}
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]151
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]152TEST(DatapathTest, AddBridge) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]153 MockProcessRunner runner;
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]154 Datapath datapath(&runner);
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]155 EXPECT_CALL(runner, brctl(StrEq("addbr"), ElementsAre("br"), true));
Garrick Evans6f4fa3a2020-02-10 16:15:09 +0900[diff] [blame]156 EXPECT_CALL(
157 runner,
158 ip(StrEq("addr"), StrEq("add"),
159 ElementsAre("1.1.1.1/30", "brd", "1.1.1.3", "dev", "br"), true));
Garrick Evans7a1a9ee2020-01-28 11:03:57 +0900[diff] [blame]160 EXPECT_CALL(runner,
161 ip(StrEq("link"), StrEq("set"), ElementsAre("br", "up"), true));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]162 EXPECT_CALL(runner, iptables(StrEq("mangle"),
163 ElementsAre("-A", "PREROUTING", "-i", "br", "-j",
164 "MARK", "--set-mark", "1", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]165 true, nullptr));
Garrick Evans7a1a9ee2020-01-28 11:03:57 +0900[diff] [blame]166 datapath.AddBridge("br", Ipv4Addr(1, 1, 1, 1), 30);
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]167}
168
Hugo Benichi76675592020-04-08 14:29:57 +0900[diff] [blame]169TEST(DatapathTest, ConnectVethPair) {
170 MockProcessRunner runner;
171 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("add"),
172 ElementsAre("veth_foo", "type", "veth", "peer", "name",
173 "peer_foo"),
174 true));
175 EXPECT_CALL(runner, ip(StrEq("addr"), StrEq("add"),
176 ElementsAre("100.115.92.169/30", "brd",
177 "100.115.92.171", "dev", "peer_foo"),
178 true))
179 .WillOnce(Return(0));
180 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("set"),
181 ElementsAre("dev", "peer_foo", "up", "addr",
182 "01:02:03:04:05:06", "multicast", "on"),
183 true))
184 .WillOnce(Return(0));
185 EXPECT_CALL(runner, RestoreDefaultNamespace(StrEq("veth_foo"), kTestPID));
186 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("set"),
187 ElementsAre("veth_foo", "up"), true));
188 Datapath datapath(&runner);
189 EXPECT_TRUE(datapath.ConnectVethPair(kTestPID, "veth_foo", "peer_foo",
190 {1, 2, 3, 4, 5, 6},
191 Ipv4Addr(100, 115, 92, 169), 30, true));
192}
193
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]194TEST(DatapathTest, AddVirtualInterfacePair) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]195 MockProcessRunner runner;
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]196 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("add"),
197 ElementsAre("veth_foo", "type", "veth", "peer", "name",
198 "peer_foo"),
199 true));
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]200 Datapath datapath(&runner);
201 EXPECT_TRUE(datapath.AddVirtualInterfacePair("veth_foo", "peer_foo"));
202}
203
204TEST(DatapathTest, ToggleInterface) {
205 MockProcessRunner runner;
206 EXPECT_CALL(runner,
207 ip(StrEq("link"), StrEq("set"), ElementsAre("foo", "up"), true));
Garrick Evans7a1a9ee2020-01-28 11:03:57 +0900[diff] [blame]208 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("set"),
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]209 ElementsAre("bar", "down"), true));
210 Datapath datapath(&runner);
211 EXPECT_TRUE(datapath.ToggleInterface("foo", true));
212 EXPECT_TRUE(datapath.ToggleInterface("bar", false));
213}
214
215TEST(DatapathTest, ConfigureInterface) {
216 MockProcessRunner runner;
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]217 EXPECT_CALL(
218 runner,
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]219 ip(StrEq("addr"), StrEq("add"),
220 ElementsAre("1.1.1.1/30", "brd", "1.1.1.3", "dev", "foo"), true))
221 .WillOnce(Return(0));
222 EXPECT_CALL(runner, ip(StrEq("link"), StrEq("set"),
223 ElementsAre("dev", "foo", "up", "addr",
224 "02:02:02:02:02:02", "multicast", "on"),
225 true))
226 .WillOnce(Return(0));
227
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]228 Datapath datapath(&runner);
Garrick Evans2470caa2020-03-04 14:15:41 +0900[diff] [blame]229 MacAddress mac_addr = {2, 2, 2, 2, 2, 2};
230 EXPECT_TRUE(datapath.ConfigureInterface("foo", mac_addr, Ipv4Addr(1, 1, 1, 1),
231 30, true, true));
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]232}
233
234TEST(DatapathTest, RemoveInterface) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]235 MockProcessRunner runner;
236 EXPECT_CALL(runner,
237 ip(StrEq("link"), StrEq("delete"), ElementsAre("foo"), false));
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]238 Datapath datapath(&runner);
239 datapath.RemoveInterface("foo");
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]240}
241
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]242TEST(DatapathTest, RemoveBridge) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]243 MockProcessRunner runner;
244 EXPECT_CALL(runner, iptables(StrEq("mangle"),
245 ElementsAre("-D", "PREROUTING", "-i", "br", "-j",
246 "MARK", "--set-mark", "1", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]247 true, nullptr));
Garrick Evans7a1a9ee2020-01-28 11:03:57 +0900[diff] [blame]248 EXPECT_CALL(runner,
249 ip(StrEq("link"), StrEq("set"), ElementsAre("br", "down"), true));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]250 EXPECT_CALL(runner, brctl(StrEq("delbr"), ElementsAre("br"), true));
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]251 Datapath datapath(&runner);
252 datapath.RemoveBridge("br");
Garrick Evans8a949dc2019-07-18 16:17:53 +0900[diff] [blame]253}
254
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]255TEST(DatapathTest, AddLegacyIPv4DNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]256 MockProcessRunner runner;
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]257 EXPECT_CALL(runner,
258 iptables(StrEq("nat"), ElementsAre("-N", "dnat_arc", "-w"), true,
259 nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]260 EXPECT_CALL(runner, iptables(StrEq("nat"),
261 ElementsAre("-A", "dnat_arc", "-j", "DNAT",
262 "--to-destination", "1.2.3.4", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]263 true, nullptr));
264 EXPECT_CALL(runner, iptables(StrEq("nat"), ElementsAre("-N", "try_arc", "-w"),
265 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]266 EXPECT_CALL(runner,
267 iptables(StrEq("nat"),
268 ElementsAre("-A", "PREROUTING", "-m", "socket",
269 "--nowildcard", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]270 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]271 EXPECT_CALL(runner, iptables(StrEq("nat"),
272 ElementsAre("-A", "PREROUTING", "-p", "tcp",
273 "-j", "try_arc", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]274 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]275 EXPECT_CALL(runner, iptables(StrEq("nat"),
276 ElementsAre("-A", "PREROUTING", "-p", "udp",
277 "-j", "try_arc", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]278 true, nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]279 Datapath datapath(&runner);
280 datapath.AddLegacyIPv4DNAT("1.2.3.4");
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]281}
282
283TEST(DatapathTest, RemoveLegacyIPv4DNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]284 MockProcessRunner runner;
285 EXPECT_CALL(runner, iptables(StrEq("nat"),
286 ElementsAre("-D", "PREROUTING", "-p", "udp",
287 "-j", "try_arc", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]288 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]289 EXPECT_CALL(runner, iptables(StrEq("nat"),
290 ElementsAre("-D", "PREROUTING", "-p", "tcp",
291 "-j", "try_arc", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]292 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]293 EXPECT_CALL(runner,
294 iptables(StrEq("nat"),
295 ElementsAre("-D", "PREROUTING", "-m", "socket",
296 "--nowildcard", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]297 true, nullptr));
298 EXPECT_CALL(runner, iptables(StrEq("nat"), ElementsAre("-F", "try_arc", "-w"),
299 true, nullptr));
300 EXPECT_CALL(runner, iptables(StrEq("nat"), ElementsAre("-X", "try_arc", "-w"),
301 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]302 EXPECT_CALL(runner,
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]303 iptables(StrEq("nat"), ElementsAre("-F", "dnat_arc", "-w"), true,
304 nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]305 EXPECT_CALL(runner,
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]306 iptables(StrEq("nat"), ElementsAre("-X", "dnat_arc", "-w"), true,
307 nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]308 Datapath datapath(&runner);
309 datapath.RemoveLegacyIPv4DNAT();
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]310}
311
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]312TEST(DatapathTest, AddLegacyIPv4InboundDNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]313 MockProcessRunner runner;
314 EXPECT_CALL(runner, iptables(StrEq("nat"),
315 ElementsAre("-A", "try_arc", "-i", "wlan0", "-j",
316 "dnat_arc", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]317 true, nullptr));
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]318 Datapath datapath(&runner);
319 datapath.AddLegacyIPv4InboundDNAT("wlan0");
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]320}
321
322TEST(DatapathTest, RemoveLegacyIPv4InboundDNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]323 MockProcessRunner runner;
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]324 EXPECT_CALL(runner, iptables(StrEq("nat"), ElementsAre("-F", "try_arc", "-w"),
325 true, nullptr));
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]326 Datapath datapath(&runner);
327 datapath.RemoveLegacyIPv4InboundDNAT();
Garrick Evans54861622019-07-19 09:05:09 +0900[diff] [blame]328}
329
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]330TEST(DatapathTest, AddInboundIPv4DNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]331 MockProcessRunner runner;
332 EXPECT_CALL(runner, iptables(StrEq("nat"),
333 ElementsAre("-A", "PREROUTING", "-i", "eth0",
334 "-m", "socket", "--nowildcard", "-j",
335 "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]336 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]337 EXPECT_CALL(runner, iptables(StrEq("nat"),
338 ElementsAre("-A", "PREROUTING", "-i", "eth0",
339 "-p", "tcp", "-j", "DNAT",
340 "--to-destination", "1.2.3.4", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]341 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]342 EXPECT_CALL(runner, iptables(StrEq("nat"),
343 ElementsAre("-A", "PREROUTING", "-i", "eth0",
344 "-p", "udp", "-j", "DNAT",
345 "--to-destination", "1.2.3.4", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]346 true, nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]347 Datapath datapath(&runner);
348 datapath.AddInboundIPv4DNAT("eth0", "1.2.3.4");
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]349}
350
351TEST(DatapathTest, RemoveInboundIPv4DNAT) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]352 MockProcessRunner runner;
353 EXPECT_CALL(runner, iptables(StrEq("nat"),
354 ElementsAre("-D", "PREROUTING", "-i", "eth0",
355 "-m", "socket", "--nowildcard", "-j",
356 "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]357 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]358 EXPECT_CALL(runner, iptables(StrEq("nat"),
359 ElementsAre("-D", "PREROUTING", "-i", "eth0",
360 "-p", "tcp", "-j", "DNAT",
361 "--to-destination", "1.2.3.4", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]362 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]363 EXPECT_CALL(runner, iptables(StrEq("nat"),
364 ElementsAre("-D", "PREROUTING", "-i", "eth0",
365 "-p", "udp", "-j", "DNAT",
366 "--to-destination", "1.2.3.4", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]367 true, nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]368 Datapath datapath(&runner);
369 datapath.RemoveInboundIPv4DNAT("eth0", "1.2.3.4");
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]370}
371
372TEST(DatapathTest, AddOutboundIPv4) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]373 MockProcessRunner runner;
374 EXPECT_CALL(runner, iptables(StrEq("filter"),
375 ElementsAre("-A", "FORWARD", "-o", "eth0", "-j",
376 "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]377 true, nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]378 Datapath datapath(&runner);
379 datapath.AddOutboundIPv4("eth0");
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]380}
381
382TEST(DatapathTest, RemoveInboundIPv4) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]383 MockProcessRunner runner;
384 EXPECT_CALL(runner, iptables(StrEq("filter"),
385 ElementsAre("-D", "FORWARD", "-o", "eth0", "-j",
386 "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]387 true, nullptr));
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]388 Datapath datapath(&runner);
389 datapath.RemoveOutboundIPv4("eth0");
Garrick Evansf0ab7132019-06-18 14:50:42 +0900[diff] [blame]390}
391
Garrick Evans664a82f2019-12-17 12:18:05 +0900[diff] [blame]392TEST(DatapathTest, MaskInterfaceFlags) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]393 MockProcessRunner runner;
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]394 Datapath datapath(&runner, ioctl_req_cap);
Garrick Evans664a82f2019-12-17 12:18:05 +0900[diff] [blame]395 bool result = datapath.MaskInterfaceFlags("foo0", IFF_DEBUG);
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]396 EXPECT_TRUE(result);
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]397 std::vector<ioctl_req_t> expected = {SIOCGIFFLAGS, SIOCSIFFLAGS};
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]398 EXPECT_EQ(ioctl_reqs, expected);
399 ioctl_reqs.clear();
400}
401
402TEST(DatapathTest, AddIPv6Forwarding) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]403 MockProcessRunner runner;
Taoyu Lica49c832019-12-06 17:56:43 +0900[diff] [blame]404 // Return 1 on iptables -C to simulate rule not existing case
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]405 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
406 ElementsAre("-C", "FORWARD", "-i", "eth0", "-o",
407 "arc_eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]408 false, nullptr))
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]409 .WillOnce(Return(1));
410 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
411 ElementsAre("-A", "FORWARD", "-i", "eth0", "-o",
412 "arc_eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]413 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]414 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
415 ElementsAre("-C", "FORWARD", "-i", "arc_eth0",
416 "-o", "eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]417 false, nullptr))
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]418 .WillOnce(Return(1));
419 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
420 ElementsAre("-A", "FORWARD", "-i", "arc_eth0",
421 "-o", "eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]422 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]423 Datapath datapath(&runner);
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]424 datapath.AddIPv6Forwarding("eth0", "arc_eth0");
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]425}
426
Taoyu Lica49c832019-12-06 17:56:43 +0900[diff] [blame]427TEST(DatapathTest, AddIPv6ForwardingRuleExists) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]428 MockProcessRunner runner;
429 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
430 ElementsAre("-C", "FORWARD", "-i", "eth0", "-o",
431 "arc_eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]432 false, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]433 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
434 ElementsAre("-C", "FORWARD", "-i", "arc_eth0",
435 "-o", "eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]436 false, nullptr));
Taoyu Lica49c832019-12-06 17:56:43 +0900[diff] [blame]437 Datapath datapath(&runner);
438 datapath.AddIPv6Forwarding("eth0", "arc_eth0");
Taoyu Lica49c832019-12-06 17:56:43 +0900[diff] [blame]439}
440
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]441TEST(DatapathTest, RemoveIPv6Forwarding) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]442 MockProcessRunner runner;
443 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
444 ElementsAre("-D", "FORWARD", "-i", "eth0", "-o",
445 "arc_eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]446 true, nullptr));
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]447 EXPECT_CALL(runner, ip6tables(StrEq("filter"),
448 ElementsAre("-D", "FORWARD", "-i", "arc_eth0",
449 "-o", "eth0", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]450 true, nullptr));
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]451 Datapath datapath(&runner);
452 datapath.RemoveIPv6Forwarding("eth0", "arc_eth0");
Taoyu Li90c13912019-11-26 17:56:54 +0900[diff] [blame]453}
454
Taoyu Lieb6cc8f2019-12-09 15:53:04 +0900[diff] [blame]455TEST(DatapathTest, AddIPv6HostRoute) {
Garrick Evans8e8e3472020-01-23 14:03:50 +0900[diff] [blame]456 MockProcessRunner runner;
457 EXPECT_CALL(runner,
458 ip6(StrEq("route"), StrEq("replace"),
459 ElementsAre("2001:da8:e00::1234/128", "dev", "eth0"), true));
Taoyu Lieb6cc8f2019-12-09 15:53:04 +0900[diff] [blame]460 Datapath datapath(&runner);
461 datapath.AddIPv6HostRoute("eth0", "2001:da8:e00::1234", 128);
Taoyu Lieb6cc8f2019-12-09 15:53:04 +0900[diff] [blame]462}
463
Hugo Benichie8758b52020-04-03 14:49:01 +0900[diff] [blame]464TEST(DatapathTest, AddIPv4Route) {
465 MockProcessRunner runner;
466 Datapath datapath(&runner, (ioctl_t)ioctl_rtentry_cap);
467
468 datapath.AddIPv4Route(Ipv4Addr(192, 168, 1, 1), Ipv4Addr(100, 115, 93, 0),
469 Ipv4Addr(255, 255, 255, 0));
470 datapath.DeleteIPv4Route(Ipv4Addr(192, 168, 1, 1), Ipv4Addr(100, 115, 93, 0),
471 Ipv4Addr(255, 255, 255, 0));
472 datapath.AddIPv4Route("eth0", Ipv4Addr(100, 115, 92, 8),
473 Ipv4Addr(255, 255, 255, 252));
474 datapath.DeleteIPv4Route("eth0", Ipv4Addr(100, 115, 92, 8),
475 Ipv4Addr(255, 255, 255, 252));
476
477 std::vector<ioctl_req_t> expected_reqs = {SIOCADDRT, SIOCDELRT, SIOCADDRT,
478 SIOCDELRT};
479 EXPECT_EQ(expected_reqs, ioctl_reqs);
480 ioctl_reqs.clear();
481
482 std::string route1 =
483 "{rt_dst: {family: AF_INET, port: 0, addr: 100.115.93.0}, rt_genmask: "
484 "{family: AF_INET, port: 0, addr: 255.255.255.0}, rt_gateway: {family: "
485 "AF_INET, port: 0, addr: 192.168.1.1}, rt_dev: null, rt_flags: RTF_UP | "
486 "RTF_GATEWAY}";
487 std::string route2 =
488 "{rt_dst: {family: AF_INET, port: 0, addr: 100.115.92.8}, rt_genmask: "
489 "{family: AF_INET, port: 0, addr: 255.255.255.252}, rt_gateway: {unset}, "
490 "rt_dev: eth0, rt_flags: RTF_UP | RTF_GATEWAY}";
491 std::vector<std::string> captured_routes;
492 for (const auto& route : ioctl_rtentry_args) {
493 std::ostringstream stream;
494 stream << route.second;
495 captured_routes.emplace_back(stream.str());
496 }
497 ioctl_rtentry_args.clear();
498 EXPECT_EQ(route1, captured_routes[0]);
499 EXPECT_EQ(route1, captured_routes[1]);
500 EXPECT_EQ(route2, captured_routes[2]);
501 EXPECT_EQ(route2, captured_routes[3]);
502}
503
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]504TEST(DatapathTest, AddSNATMarkRules) {
505 MockProcessRunner runner;
Taoyu Li79871c92020-07-02 16:09:39 +0900[diff] [blame]506 EXPECT_CALL(
507 runner,
508 iptables(StrEq("filter"),
509 ElementsAre("-A", "FORWARD", "-m", "mark", "--mark", "1", "-m",
510 "state", "--state", "INVALID", "-j", "DROP", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]511 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]512 EXPECT_CALL(runner, iptables(StrEq("filter"),
513 ElementsAre("-A", "FORWARD", "-m", "mark",
514 "--mark", "1", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]515 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]516 EXPECT_CALL(runner,
517 iptables(StrEq("nat"),
518 ElementsAre("-A", "POSTROUTING", "-m", "mark", "--mark",
519 "1", "-j", "MASQUERADE", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]520 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]521 Datapath datapath(&runner);
522 datapath.AddSNATMarkRules();
523}
524
525TEST(DatapathTest, RemoveSNATMarkRules) {
526 MockProcessRunner runner;
Taoyu Li79871c92020-07-02 16:09:39 +0900[diff] [blame]527 EXPECT_CALL(
528 runner,
529 iptables(StrEq("filter"),
530 ElementsAre("-D", "FORWARD", "-m", "mark", "--mark", "1", "-m",
531 "state", "--state", "INVALID", "-j", "DROP", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]532 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]533 EXPECT_CALL(runner, iptables(StrEq("filter"),
534 ElementsAre("-D", "FORWARD", "-m", "mark",
535 "--mark", "1", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]536 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]537 EXPECT_CALL(runner,
538 iptables(StrEq("nat"),
539 ElementsAre("-D", "POSTROUTING", "-m", "mark", "--mark",
540 "1", "-j", "MASQUERADE", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]541 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]542 Datapath datapath(&runner);
543 datapath.RemoveSNATMarkRules();
544}
545
546TEST(DatapathTest, AddForwardEstablishedRule) {
547 MockProcessRunner runner;
548 EXPECT_CALL(runner,
549 iptables(StrEq("filter"),
550 ElementsAre("-A", "FORWARD", "-m", "state", "--state",
551 "ESTABLISHED,RELATED", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]552 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]553 Datapath datapath(&runner);
554 datapath.AddForwardEstablishedRule();
555}
556
557TEST(DatapathTest, RemoveForwardEstablishedRule) {
558 MockProcessRunner runner;
559 EXPECT_CALL(runner,
560 iptables(StrEq("filter"),
561 ElementsAre("-D", "FORWARD", "-m", "state", "--state",
562 "ESTABLISHED,RELATED", "-j", "ACCEPT", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]563 true, nullptr));
Garrick Evansd291af62020-05-25 10:39:06 +0900[diff] [blame]564 Datapath datapath(&runner);
565 datapath.RemoveForwardEstablishedRule();
566}
567
Garrick Evansff6e37f2020-05-25 10:54:47 +0900[diff] [blame]568TEST(DatapathTest, AddInterfaceSNAT) {
569 MockProcessRunner runner;
570 EXPECT_CALL(runner, iptables(StrEq("nat"),
571 ElementsAre("-A", "POSTROUTING", "-o", "wwan+",
572 "-j", "MASQUERADE", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]573 true, nullptr));
Garrick Evansff6e37f2020-05-25 10:54:47 +0900[diff] [blame]574 Datapath datapath(&runner);
575 datapath.AddInterfaceSNAT("wwan+");
576}
577
578TEST(DatapathTest, RemoveInterfaceSNAT) {
579 MockProcessRunner runner;
580 EXPECT_CALL(runner, iptables(StrEq("nat"),
581 ElementsAre("-D", "POSTROUTING", "-o", "wwan+",
582 "-j", "MASQUERADE", "-w"),
Jie Jiangcf5ce9c2020-07-14 17:22:03 +0900[diff] [blame]583 true, nullptr));
Garrick Evansff6e37f2020-05-25 10:54:47 +0900[diff] [blame]584 Datapath datapath(&runner);
585 datapath.RemoveInterfaceSNAT("wwan+");
586}
587
Garrick Evans2f581a02020-05-11 10:43:35 +0900[diff] [blame]588TEST(DatapathTest, ArcVethHostName) {
589 EXPECT_EQ("vetheth0", ArcVethHostName("eth0"));
590 EXPECT_EQ("vethrmnet0", ArcVethHostName("rmnet0"));
591 EXPECT_EQ("vethrmnet_data0", ArcVethHostName("rmnet_data0"));
592 EXPECT_EQ("vethifnamsiz_i0", ArcVethHostName("ifnamsiz_ifnam0"));
593 auto ifname = ArcVethHostName("exceeds_ifnamesiz_checkanyway");
594 EXPECT_EQ("vethexceeds_ify", ifname);
595 EXPECT_LT(ifname.length(), IFNAMSIZ);
596}
597
Garrick Evans8a067562020-05-11 12:47:30 +0900[diff] [blame]598TEST(DatapathTest, ArcBridgeName) {
599 EXPECT_EQ("arc_eth0", ArcBridgeName("eth0"));
600 EXPECT_EQ("arc_rmnet0", ArcBridgeName("rmnet0"));
601 EXPECT_EQ("arc_rmnet_data0", ArcBridgeName("rmnet_data0"));
602 EXPECT_EQ("arc_ifnamsiz_i0", ArcBridgeName("ifnamsiz_ifnam0"));
603 auto ifname = ArcBridgeName("exceeds_ifnamesiz_checkanyway");
604 EXPECT_EQ("arc_exceeds_ify", ifname);
605 EXPECT_LT(ifname.length(), IFNAMSIZ);
606}
607
Garrick Evans3388a032020-03-24 11:25:55 +0900[diff] [blame]608} // namespace patchpanel