Google Git
Sign in
fuchsia / third_party / gvisor.dev / gvisor / netstack / da3e9d5e793e0c8ca838c12416d431352808b49b / . / pkg / tcpip / network / ipv6 / icmp_test.go
blob: bae09ed94dd4d0ea0b4fce2bdc0ecb3c09211241 [file] [log] [blame]
// Copyright 2018 The gVisor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package ipv6
import (
"context"
"reflect"
"strings"
"testing"
"gvisor.dev/gvisor/pkg/tcpip"
"gvisor.dev/gvisor/pkg/tcpip/buffer"
"gvisor.dev/gvisor/pkg/tcpip/header"
"gvisor.dev/gvisor/pkg/tcpip/link/channel"
"gvisor.dev/gvisor/pkg/tcpip/link/sniffer"
"gvisor.dev/gvisor/pkg/tcpip/stack"
"gvisor.dev/gvisor/pkg/tcpip/transport/icmp"
"gvisor.dev/gvisor/pkg/waiter"
)
const (
linkAddr0 = tcpip.LinkAddress("\x02\x02\x03\x04\x05\x06")
linkAddr1 = tcpip.LinkAddress("\x0a\x0b\x0c\x0d\x0e\x0f")
)
var (
lladdr0 = header.LinkLocalAddr(linkAddr0)
lladdr1 = header.LinkLocalAddr(linkAddr1)
)
type stubLinkEndpoint struct {
stack.LinkEndpoint
}
func (*stubLinkEndpoint) Capabilities() stack.LinkEndpointCapabilities {
return 0
}
func (*stubLinkEndpoint) MaxHeaderLength() uint16 {
return 0
}
func (*stubLinkEndpoint) LinkAddress() tcpip.LinkAddress {
return ""
}
func (*stubLinkEndpoint) WritePacket(*stack.Route, *stack.GSO, tcpip.NetworkProtocolNumber, stack.PacketBuffer) *tcpip.Error {
return nil
}
func (*stubLinkEndpoint) Attach(stack.NetworkDispatcher) {}
type stubDispatcher struct {
stack.TransportDispatcher
}
func (*stubDispatcher) DeliverTransportPacket(*stack.Route, tcpip.TransportProtocolNumber, stack.PacketBuffer) {
}
type stubLinkAddressCache struct {
stack.LinkAddressCache
}
func (*stubLinkAddressCache) CheckLocalAddress(tcpip.NICID, tcpip.NetworkProtocolNumber, tcpip.Address) tcpip.NICID {
return 0
}
func (*stubLinkAddressCache) AddLinkAddress(tcpip.NICID, tcpip.Address, tcpip.LinkAddress) {
}
func TestICMPCounts(t *testing.T) {
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
TransportProtocols: []stack.TransportProtocol{icmp.NewProtocol6()},
})
{
if err := s.CreateNIC(1, &stubLinkEndpoint{}); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
if err := s.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, lladdr0, err)
}
}
{
subnet, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {
t.Fatal(err)
}
s.SetRouteTable(
[]tcpip.Route{{
Destination: subnet,
NIC: 1,
}},
)
}
netProto := s.NetworkProtocolInstance(ProtocolNumber)
if netProto == nil {
t.Fatalf("cannot find protocol instance for network protocol %d", ProtocolNumber)
}
ep, err := netProto.NewEndpoint(0, tcpip.AddressWithPrefix{lladdr1, netProto.DefaultPrefixLen()}, &stubLinkAddressCache{}, &stubDispatcher{}, nil, s)
if err != nil {
t.Fatalf("NewEndpoint(_) = _, %s, want = _, nil", err)
}
r, err := s.FindRoute(1, lladdr0, lladdr1, ProtocolNumber, false /* multicastLoop */)
if err != nil {
t.Fatalf("FindRoute(_) = _, %s, want = _, nil", err)
}
defer r.Release()
var tllData [header.NDPLinkLayerAddressSize]byte
header.NDPOptions(tllData[:]).Serialize(header.NDPOptionsSerializer{
header.NDPTargetLinkLayerAddressOption(linkAddr1),
})
types := []struct {
typ header.ICMPv6Type
size int
extraData []byte
}{
{
typ: header.ICMPv6DstUnreachable,
size: header.ICMPv6DstUnreachableMinimumSize,
},
{
typ: header.ICMPv6PacketTooBig,
size: header.ICMPv6PacketTooBigMinimumSize,
},
{
typ: header.ICMPv6TimeExceeded,
size: header.ICMPv6MinimumSize,
},
{
typ: header.ICMPv6ParamProblem,
size: header.ICMPv6MinimumSize,
},
{
typ: header.ICMPv6EchoRequest,
size: header.ICMPv6EchoMinimumSize,
},
{
typ: header.ICMPv6EchoReply,
size: header.ICMPv6EchoMinimumSize,
},
{
typ: header.ICMPv6RouterSolicit,
size: header.ICMPv6MinimumSize,
},
{
typ: header.ICMPv6RouterAdvert,
size: header.ICMPv6HeaderSize + header.NDPRAMinimumSize,
},
{
typ: header.ICMPv6NeighborSolicit,
size: header.ICMPv6NeighborSolicitMinimumSize},
{
typ: header.ICMPv6NeighborAdvert,
size: header.ICMPv6NeighborAdvertMinimumSize,
extraData: tllData[:],
},
{
typ: header.ICMPv6RedirectMsg,
size: header.ICMPv6MinimumSize,
},
}
handleIPv6Payload := func(hdr buffer.Prependable) {
payloadLength := hdr.UsedLength()
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(payloadLength),
NextHeader: uint8(header.ICMPv6ProtocolNumber),
HopLimit: header.NDPHopLimit,
SrcAddr: r.LocalAddress,
DstAddr: r.RemoteAddress,
})
ep.HandlePacket(&r, stack.PacketBuffer{
Data: hdr.View().ToVectorisedView(),
})
}
for _, typ := range types {
extraDataLen := len(typ.extraData)
hdr := buffer.NewPrependable(header.IPv6MinimumSize + typ.size + extraDataLen)
extraData := buffer.View(hdr.Prepend(extraDataLen))
copy(extraData, typ.extraData)
pkt := header.ICMPv6(hdr.Prepend(typ.size))
pkt.SetType(typ.typ)
pkt.SetChecksum(header.ICMPv6Checksum(pkt, r.LocalAddress, r.RemoteAddress, extraData.ToVectorisedView()))
handleIPv6Payload(hdr)
}
// Construct an empty ICMP packet so that
// Stats().ICMP.ICMPv6ReceivedPacketStats.Invalid is incremented.
handleIPv6Payload(buffer.NewPrependable(header.IPv6MinimumSize))
icmpv6Stats := s.Stats().ICMP.V6PacketsReceived
visitStats(reflect.ValueOf(&icmpv6Stats).Elem(), func(name string, s *tcpip.StatCounter) {
if got, want := s.Value(), uint64(1); got != want {
t.Errorf("got %s = %d, want = %d", name, got, want)
}
})
if t.Failed() {
t.Logf("stats:\n%+v", s.Stats())
}
}
func visitStats(v reflect.Value, f func(string, *tcpip.StatCounter)) {
t := v.Type()
for i := 0; i < v.NumField(); i++ {
v := v.Field(i)
if s, ok := v.Interface().(*tcpip.StatCounter); ok {
f(t.Field(i).Name, s)
} else {
visitStats(v, f)
}
}
}
type testContext struct {
s0 *stack.Stack
s1 *stack.Stack
linkEP0 *channel.Endpoint
linkEP1 *channel.Endpoint
}
type endpointWithResolutionCapability struct {
stack.LinkEndpoint
}
func (e endpointWithResolutionCapability) Capabilities() stack.LinkEndpointCapabilities {
return e.LinkEndpoint.Capabilities() | stack.CapabilityResolutionRequired
}
func newTestContext(t *testing.T) *testContext {
c := &testContext{
s0: stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
TransportProtocols: []stack.TransportProtocol{icmp.NewProtocol6()},
}),
s1: stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
TransportProtocols: []stack.TransportProtocol{icmp.NewProtocol6()},
}),
}
const defaultMTU = 65536
c.linkEP0 = channel.New(256, defaultMTU, linkAddr0)
wrappedEP0 := stack.LinkEndpoint(endpointWithResolutionCapability{LinkEndpoint: c.linkEP0})
if testing.Verbose() {
wrappedEP0 = sniffer.New(wrappedEP0)
}
if err := c.s0.CreateNIC(1, wrappedEP0); err != nil {
t.Fatalf("CreateNIC s0: %v", err)
}
if err := c.s0.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress lladdr0: %v", err)
}
c.linkEP1 = channel.New(256, defaultMTU, linkAddr1)
wrappedEP1 := stack.LinkEndpoint(endpointWithResolutionCapability{LinkEndpoint: c.linkEP1})
if err := c.s1.CreateNIC(1, wrappedEP1); err != nil {
t.Fatalf("CreateNIC failed: %v", err)
}
if err := c.s1.AddAddress(1, ProtocolNumber, lladdr1); err != nil {
t.Fatalf("AddAddress lladdr1: %v", err)
}
subnet0, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {
t.Fatal(err)
}
c.s0.SetRouteTable(
[]tcpip.Route{{
Destination: subnet0,
NIC: 1,
}},
)
subnet1, err := tcpip.NewSubnet(lladdr0, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr0))))
if err != nil {
t.Fatal(err)
}
c.s1.SetRouteTable(
[]tcpip.Route{{
Destination: subnet1,
NIC: 1,
}},
)
return c
}
func (c *testContext) cleanup() {
c.linkEP0.Close()
c.linkEP1.Close()
}
type routeArgs struct {
src, dst *channel.Endpoint
typ header.ICMPv6Type
remoteLinkAddr tcpip.LinkAddress
}
func routeICMPv6Packet(t *testing.T, args routeArgs, fn func(*testing.T, header.ICMPv6)) {
t.Helper()
pi, _ := args.src.ReadContext(context.Background())
{
views := []buffer.View{pi.Pkt.Header.View(), pi.Pkt.Data.ToView()}
size := pi.Pkt.Header.UsedLength() + pi.Pkt.Data.Size()
vv := buffer.NewVectorisedView(size, views)
args.dst.InjectLinkAddr(pi.Proto, args.dst.LinkAddress(), stack.PacketBuffer{
Data: vv,
})
}
if pi.Proto != ProtocolNumber {
t.Errorf("unexpected protocol number %d", pi.Proto)
return
}
if len(args.remoteLinkAddr) != 0 && args.remoteLinkAddr != pi.Route.RemoteLinkAddress {
t.Errorf("got remote link address = %s, want = %s", pi.Route.RemoteLinkAddress, args.remoteLinkAddr)
}
ipv6 := header.IPv6(pi.Pkt.Header.View())
transProto := tcpip.TransportProtocolNumber(ipv6.NextHeader())
if transProto != header.ICMPv6ProtocolNumber {
t.Errorf("unexpected transport protocol number %d", transProto)
return
}
icmpv6 := header.ICMPv6(ipv6.Payload())
if got, want := icmpv6.Type(), args.typ; got != want {
t.Errorf("got ICMPv6 type = %d, want = %d", got, want)
return
}
if fn != nil {
fn(t, icmpv6)
}
}
func TestLinkResolution(t *testing.T) {
c := newTestContext(t)
defer c.cleanup()
r, err := c.s0.FindRoute(1, lladdr0, lladdr1, ProtocolNumber, false /* multicastLoop */)
if err != nil {
t.Fatalf("FindRoute(_) = _, %s, want = _, nil", err)
}
defer r.Release()
hdr := buffer.NewPrependable(int(r.MaxHeaderLength()) + header.IPv6MinimumSize + header.ICMPv6EchoMinimumSize)
pkt := header.ICMPv6(hdr.Prepend(header.ICMPv6EchoMinimumSize))
pkt.SetType(header.ICMPv6EchoRequest)
pkt.SetChecksum(header.ICMPv6Checksum(pkt, r.LocalAddress, r.RemoteAddress, buffer.VectorisedView{}))
payload := tcpip.SlicePayload(hdr.View())
// We can't send our payload directly over the route because that
// doesn't provoke NDP discovery.
var wq waiter.Queue
ep, err := c.s0.NewEndpoint(header.ICMPv6ProtocolNumber, ProtocolNumber, &wq)
if err != nil {
t.Fatalf("NewEndpoint(_) = _, %s, want = _, nil", err)
}
for {
_, resCh, err := ep.Write(payload, tcpip.WriteOptions{To: &tcpip.FullAddress{NIC: 1, Addr: lladdr1}})
if resCh != nil {
if err != tcpip.ErrNoLinkAddress {
t.Fatalf("ep.Write(_) = _, <non-nil>, %s, want = _, <non-nil>, tcpip.ErrNoLinkAddress", err)
}
for _, args := range []routeArgs{
{src: c.linkEP0, dst: c.linkEP1, typ: header.ICMPv6NeighborSolicit, remoteLinkAddr: header.EthernetAddressFromMulticastIPv6Address(header.SolicitedNodeAddr(lladdr1))},
{src: c.linkEP1, dst: c.linkEP0, typ: header.ICMPv6NeighborAdvert},
} {
routeICMPv6Packet(t, args, func(t *testing.T, icmpv6 header.ICMPv6) {
if got, want := tcpip.Address(icmpv6[8:][:16]), lladdr1; got != want {
t.Errorf("%d: got target = %s, want = %s", icmpv6.Type(), got, want)
}
})
}
<-resCh
continue
}
if err != nil {
t.Fatalf("ep.Write(_) = _, _, %s", err)
}
break
}
for _, args := range []routeArgs{
{src: c.linkEP0, dst: c.linkEP1, typ: header.ICMPv6EchoRequest},
{src: c.linkEP1, dst: c.linkEP0, typ: header.ICMPv6EchoReply},
} {
routeICMPv6Packet(t, args, nil)
}
}
func TestICMPChecksumValidationSimple(t *testing.T) {
var tllData [header.NDPLinkLayerAddressSize]byte
header.NDPOptions(tllData[:]).Serialize(header.NDPOptionsSerializer{
header.NDPTargetLinkLayerAddressOption(linkAddr1),
})
types := []struct {
name string
typ header.ICMPv6Type
size int
extraData []byte
statCounter func(tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter
}{
{
name: "DstUnreachable",
typ: header.ICMPv6DstUnreachable,
size: header.ICMPv6DstUnreachableMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.DstUnreachable
},
},
{
name: "PacketTooBig",
typ: header.ICMPv6PacketTooBig,
size: header.ICMPv6PacketTooBigMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.PacketTooBig
},
},
{
name: "TimeExceeded",
typ: header.ICMPv6TimeExceeded,
size: header.ICMPv6MinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.TimeExceeded
},
},
{
name: "ParamProblem",
typ: header.ICMPv6ParamProblem,
size: header.ICMPv6MinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.ParamProblem
},
},
{
name: "EchoRequest",
typ: header.ICMPv6EchoRequest,
size: header.ICMPv6EchoMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoRequest
},
},
{
name: "EchoReply",
typ: header.ICMPv6EchoReply,
size: header.ICMPv6EchoMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoReply
},
},
{
name: "RouterSolicit",
typ: header.ICMPv6RouterSolicit,
size: header.ICMPv6MinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.RouterSolicit
},
},
{
name: "RouterAdvert",
typ: header.ICMPv6RouterAdvert,
size: header.ICMPv6HeaderSize + header.NDPRAMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.RouterAdvert
},
},
{
name: "NeighborSolicit",
typ: header.ICMPv6NeighborSolicit,
size: header.ICMPv6NeighborSolicitMinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.NeighborSolicit
},
},
{
name: "NeighborAdvert",
typ: header.ICMPv6NeighborAdvert,
size: header.ICMPv6NeighborAdvertMinimumSize,
extraData: tllData[:],
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.NeighborAdvert
},
},
{
name: "RedirectMsg",
typ: header.ICMPv6RedirectMsg,
size: header.ICMPv6MinimumSize,
statCounter: func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.RedirectMsg
},
},
}
for _, typ := range types {
t.Run(typ.name, func(t *testing.T) {
e := channel.New(10, 1280, linkAddr0)
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
})
if err := s.CreateNIC(1, e); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
if err := s.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, lladdr0, err)
}
{
subnet, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {
t.Fatal(err)
}
s.SetRouteTable(
[]tcpip.Route{{
Destination: subnet,
NIC: 1,
}},
)
}
handleIPv6Payload := func(checksum bool) {
extraDataLen := len(typ.extraData)
hdr := buffer.NewPrependable(header.IPv6MinimumSize + typ.size + extraDataLen)
extraData := buffer.View(hdr.Prepend(extraDataLen))
copy(extraData, typ.extraData)
pkt := header.ICMPv6(hdr.Prepend(typ.size))
pkt.SetType(typ.typ)
if checksum {
pkt.SetChecksum(header.ICMPv6Checksum(pkt, lladdr1, lladdr0, extraData.ToVectorisedView()))
}
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(typ.size + extraDataLen),
NextHeader: uint8(header.ICMPv6ProtocolNumber),
HopLimit: header.NDPHopLimit,
SrcAddr: lladdr1,
DstAddr: lladdr0,
})
e.InjectInbound(ProtocolNumber, stack.PacketBuffer{
Data: hdr.View().ToVectorisedView(),
})
}
stats := s.Stats().ICMP.V6PacketsReceived
invalid := stats.Invalid
typStat := typ.statCounter(stats)
// Initial stat counts should be 0.
if got := invalid.Value(); got != 0 {
t.Fatalf("got invalid = %d, want = 0", got)
}
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// Without setting checksum, the incoming packet should
// be invalid.
handleIPv6Payload(false)
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
// Rx count of type typ.typ should not have increased.
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// When checksum is set, it should be received.
handleIPv6Payload(true)
if got := typStat.Value(); got != 1 {
t.Fatalf("got %s = %d, want = 1", typ.name, got)
}
// Invalid count should not have increased again.
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
})
}
}
func TestICMPChecksumValidationWithPayload(t *testing.T) {
const simpleBodySize = 64
simpleBody := func(view buffer.View) {
for i := 0; i < simpleBodySize; i++ {
view[i] = uint8(i)
}
}
const errorICMPBodySize = header.IPv6MinimumSize + simpleBodySize
errorICMPBody := func(view buffer.View) {
ip := header.IPv6(view)
ip.Encode(&header.IPv6Fields{
PayloadLength: simpleBodySize,
NextHeader: 10,
HopLimit: 20,
SrcAddr: lladdr0,
DstAddr: lladdr1,
})
simpleBody(view[header.IPv6MinimumSize:])
}
types := []struct {
name string
typ header.ICMPv6Type
size int
statCounter func(tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter
payloadSize int
payload func(buffer.View)
}{
{
"DstUnreachable",
header.ICMPv6DstUnreachable,
header.ICMPv6DstUnreachableMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.DstUnreachable
},
errorICMPBodySize,
errorICMPBody,
},
{
"PacketTooBig",
header.ICMPv6PacketTooBig,
header.ICMPv6PacketTooBigMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.PacketTooBig
},
errorICMPBodySize,
errorICMPBody,
},
{
"TimeExceeded",
header.ICMPv6TimeExceeded,
header.ICMPv6MinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.TimeExceeded
},
errorICMPBodySize,
errorICMPBody,
},
{
"ParamProblem",
header.ICMPv6ParamProblem,
header.ICMPv6MinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.ParamProblem
},
errorICMPBodySize,
errorICMPBody,
},
{
"EchoRequest",
header.ICMPv6EchoRequest,
header.ICMPv6EchoMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoRequest
},
simpleBodySize,
simpleBody,
},
{
"EchoReply",
header.ICMPv6EchoReply,
header.ICMPv6EchoMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoReply
},
simpleBodySize,
simpleBody,
},
}
for _, typ := range types {
t.Run(typ.name, func(t *testing.T) {
e := channel.New(10, 1280, linkAddr0)
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
})
if err := s.CreateNIC(1, e); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
if err := s.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, lladdr0, err)
}
{
subnet, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {
t.Fatal(err)
}
s.SetRouteTable(
[]tcpip.Route{{
Destination: subnet,
NIC: 1,
}},
)
}
handleIPv6Payload := func(typ header.ICMPv6Type, size, payloadSize int, payloadFn func(buffer.View), checksum bool) {
icmpSize := size + payloadSize
hdr := buffer.NewPrependable(header.IPv6MinimumSize + icmpSize)
pkt := header.ICMPv6(hdr.Prepend(icmpSize))
pkt.SetType(typ)
payloadFn(pkt.Payload())
if checksum {
pkt.SetChecksum(header.ICMPv6Checksum(pkt, lladdr1, lladdr0, buffer.VectorisedView{}))
}
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(icmpSize),
NextHeader: uint8(header.ICMPv6ProtocolNumber),
HopLimit: header.NDPHopLimit,
SrcAddr: lladdr1,
DstAddr: lladdr0,
})
e.InjectInbound(ProtocolNumber, stack.PacketBuffer{
Data: hdr.View().ToVectorisedView(),
})
}
stats := s.Stats().ICMP.V6PacketsReceived
invalid := stats.Invalid
typStat := typ.statCounter(stats)
// Initial stat counts should be 0.
if got := invalid.Value(); got != 0 {
t.Fatalf("got invalid = %d, want = 0", got)
}
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// Without setting checksum, the incoming packet should
// be invalid.
handleIPv6Payload(typ.typ, typ.size, typ.payloadSize, typ.payload, false)
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
// Rx count of type typ.typ should not have increased.
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// When checksum is set, it should be received.
handleIPv6Payload(typ.typ, typ.size, typ.payloadSize, typ.payload, true)
if got := typStat.Value(); got != 1 {
t.Fatalf("got %s = %d, want = 1", typ.name, got)
}
// Invalid count should not have increased again.
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
})
}
}
func TestICMPChecksumValidationWithPayloadMultipleViews(t *testing.T) {
const simpleBodySize = 64
simpleBody := func(view buffer.View) {
for i := 0; i < simpleBodySize; i++ {
view[i] = uint8(i)
}
}
const errorICMPBodySize = header.IPv6MinimumSize + simpleBodySize
errorICMPBody := func(view buffer.View) {
ip := header.IPv6(view)
ip.Encode(&header.IPv6Fields{
PayloadLength: simpleBodySize,
NextHeader: 10,
HopLimit: 20,
SrcAddr: lladdr0,
DstAddr: lladdr1,
})
simpleBody(view[header.IPv6MinimumSize:])
}
types := []struct {
name string
typ header.ICMPv6Type
size int
statCounter func(tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter
payloadSize int
payload func(buffer.View)
}{
{
"DstUnreachable",
header.ICMPv6DstUnreachable,
header.ICMPv6DstUnreachableMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.DstUnreachable
},
errorICMPBodySize,
errorICMPBody,
},
{
"PacketTooBig",
header.ICMPv6PacketTooBig,
header.ICMPv6PacketTooBigMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.PacketTooBig
},
errorICMPBodySize,
errorICMPBody,
},
{
"TimeExceeded",
header.ICMPv6TimeExceeded,
header.ICMPv6MinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.TimeExceeded
},
errorICMPBodySize,
errorICMPBody,
},
{
"ParamProblem",
header.ICMPv6ParamProblem,
header.ICMPv6MinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.ParamProblem
},
errorICMPBodySize,
errorICMPBody,
},
{
"EchoRequest",
header.ICMPv6EchoRequest,
header.ICMPv6EchoMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoRequest
},
simpleBodySize,
simpleBody,
},
{
"EchoReply",
header.ICMPv6EchoReply,
header.ICMPv6EchoMinimumSize,
func(stats tcpip.ICMPv6ReceivedPacketStats) *tcpip.StatCounter {
return stats.EchoReply
},
simpleBodySize,
simpleBody,
},
}
for _, typ := range types {
t.Run(typ.name, func(t *testing.T) {
e := channel.New(10, 1280, linkAddr0)
s := stack.New(stack.Options{
NetworkProtocols: []stack.NetworkProtocol{NewProtocol()},
})
if err := s.CreateNIC(1, e); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
if err := s.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, lladdr0, err)
}
{
subnet, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {
t.Fatal(err)
}
s.SetRouteTable(
[]tcpip.Route{{
Destination: subnet,
NIC: 1,
}},
)
}
handleIPv6Payload := func(typ header.ICMPv6Type, size, payloadSize int, payloadFn func(buffer.View), checksum bool) {
hdr := buffer.NewPrependable(header.IPv6MinimumSize + size)
pkt := header.ICMPv6(hdr.Prepend(size))
pkt.SetType(typ)
payload := buffer.NewView(payloadSize)
payloadFn(payload)
if checksum {
pkt.SetChecksum(header.ICMPv6Checksum(pkt, lladdr1, lladdr0, payload.ToVectorisedView()))
}
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(size + payloadSize),
NextHeader: uint8(header.ICMPv6ProtocolNumber),
HopLimit: header.NDPHopLimit,
SrcAddr: lladdr1,
DstAddr: lladdr0,
})
e.InjectInbound(ProtocolNumber, stack.PacketBuffer{
Data: buffer.NewVectorisedView(header.IPv6MinimumSize+size+payloadSize, []buffer.View{hdr.View(), payload}),
})
}
stats := s.Stats().ICMP.V6PacketsReceived
invalid := stats.Invalid
typStat := typ.statCounter(stats)
// Initial stat counts should be 0.
if got := invalid.Value(); got != 0 {
t.Fatalf("got invalid = %d, want = 0", got)
}
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// Without setting checksum, the incoming packet should
// be invalid.
handleIPv6Payload(typ.typ, typ.size, typ.payloadSize, typ.payload, false)
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
// Rx count of type typ.typ should not have increased.
if got := typStat.Value(); got != 0 {
t.Fatalf("got %s = %d, want = 0", typ.name, got)
}
// When checksum is set, it should be received.
handleIPv6Payload(typ.typ, typ.size, typ.payloadSize, typ.payload, true)
if got := typStat.Value(); got != 1 {
t.Fatalf("got %s = %d, want = 1", typ.name, got)
}
// Invalid count should not have increased again.
if got := invalid.Value(); got != 1 {
t.Fatalf("got invalid = %d, want = 1", got)
}
})
}
}