1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <string>
18 
19 #include <fcntl.h>
20 #include <inttypes.h>
21 #include <limits.h>
22 #include <linux/inet_diag.h>
23 #include <linux/sock_diag.h>
24 #include <net/if.h>
25 #include <sys/socket.h>
26 #include <sys/types.h>
27 #include <unistd.h>
28 
29 #include <gtest/gtest.h>
30 
31 #include <cutils/qtaguid.h>
32 
33 #include <android-base/stringprintf.h>
34 #include <android-base/strings.h>
35 #include <netdutils/NetNativeTestBase.h>
36 
37 #include "bpf/BpfMap.h"
38 #include "bpf/BpfUtils.h"
39 #include "netd.h"
40 
41 using android::base::Result;
42 
43 namespace android {
44 namespace bpf {
45 
46 // Use the upper limit of uid to avoid conflict with real app uids. We can't use UID_MAX because
47 // it's -1, which is INVALID_UID.
48 constexpr uid_t TEST_UID = UID_MAX - 1;
49 constexpr uint32_t TEST_TAG = 42;
50 
51 class BpfBasicTest : public NetNativeTestBase {
52   protected:
BpfBasicTest()53     BpfBasicTest() {}
54 };
55 
TEST_F(BpfBasicTest,TestTagSocket)56 TEST_F(BpfBasicTest, TestTagSocket) {
57     BpfMap<uint64_t, UidTagValue> cookieTagMap(COOKIE_TAG_MAP_PATH);
58     ASSERT_TRUE(cookieTagMap.isValid());
59     int sock = socket(AF_INET6, SOCK_STREAM | SOCK_CLOEXEC, 0);
60     ASSERT_LE(0, sock);
61     uint64_t cookie = getSocketCookie(sock);
62     ASSERT_NE(NONEXISTENT_COOKIE, cookie);
63     ASSERT_EQ(0, qtaguid_tagSocket(sock, TEST_TAG, TEST_UID));
64     Result<UidTagValue> tagResult = cookieTagMap.readValue(cookie);
65     ASSERT_RESULT_OK(tagResult);
66     ASSERT_EQ(TEST_UID, tagResult.value().uid);
67     ASSERT_EQ(TEST_TAG, tagResult.value().tag);
68     ASSERT_EQ(0, qtaguid_untagSocket(sock));
69     tagResult = cookieTagMap.readValue(cookie);
70     ASSERT_FALSE(tagResult.ok());
71     ASSERT_EQ(ENOENT, tagResult.error().code());
72 }
73 
TEST_F(BpfBasicTest,TestCloseSocketWithoutUntag)74 TEST_F(BpfBasicTest, TestCloseSocketWithoutUntag) {
75     BpfMap<uint64_t, UidTagValue> cookieTagMap(COOKIE_TAG_MAP_PATH);
76     ASSERT_TRUE(cookieTagMap.isValid());
77     int sock = socket(AF_INET6, SOCK_STREAM | SOCK_CLOEXEC, 0);
78     ASSERT_LE(0, sock);
79     uint64_t cookie = getSocketCookie(sock);
80     ASSERT_NE(NONEXISTENT_COOKIE, cookie);
81     ASSERT_EQ(0, qtaguid_tagSocket(sock, TEST_TAG, TEST_UID));
82     Result<UidTagValue> tagResult = cookieTagMap.readValue(cookie);
83     ASSERT_RESULT_OK(tagResult);
84     ASSERT_EQ(TEST_UID, tagResult.value().uid);
85     ASSERT_EQ(TEST_TAG, tagResult.value().tag);
86     ASSERT_EQ(0, close(sock));
87     // Check map periodically until sk destroy handler have done its job.
88     for (int i = 0; i < 1000; i++) {
89         usleep(5000);  // 5ms
90         tagResult = cookieTagMap.readValue(cookie);
91         if (!tagResult.ok()) {
92             ASSERT_EQ(ENOENT, tagResult.error().code());
93             return;
94         }
95     }
96     FAIL() << "socket tag still exist after 5s";
97 }
98 
99 }
100 }
101