go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Automated rollback of changelist 268047073 

PiperOrigin-RevId: 268757842
This commit is contained in:
Ghanan Gowripalan 2019-09-12 13:50:58 -07:00 committed by gVisor bot
parent 574eda8880
commit 857940d30d
6 changed files with 15 additions and 290 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/tcpip/header/ipv6.go
View File

@ -76,13 +76,6 @@ const (
// IPv6Version is the version of the ipv6 protocol.
IPv6Version = 6
// IPv6AllNodesMulticastAddress is a link-local multicast group that
// all IPv6 nodes MUST join, as per RFC 4291, section 2.8. Packets
// destined to this address will reach all nodes on a link.
//
// The address is ff02::1.
IPv6AllNodesMulticastAddress tcpip.Address = "\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
// IPv6MinimumMTU is the minimum MTU required by IPv6, per RFC 2460,
// section 5.
IPv6MinimumMTU = 1280

2
pkg/tcpip/network/ipv6/BUILD
View File

@ -25,7 +25,6 @@ go_test(
size = "small",
srcs = [
"icmp_test.go",
"ipv6_test.go",
"ndp_test.go",
],
embed = [":ipv6"],
@ -37,7 +36,6 @@ go_test(
"//pkg/tcpip/link/sniffer",
"//pkg/tcpip/stack",
"//pkg/tcpip/transport/icmp",
"//pkg/tcpip/transport/udp",
"//pkg/waiter",
],
)

6
pkg/tcpip/network/ipv6/icmp_test.go
View File

@ -222,6 +222,9 @@ func newTestContext(t *testing.T) *testContext {
if err := c.s0.AddAddress(1, ProtocolNumber, lladdr0); err != nil {
t.Fatalf("AddAddress lladdr0: %v", err)
}
if err := c.s0.AddAddress(1, ProtocolNumber, header.SolicitedNodeAddr(lladdr0)); err != nil {
t.Fatalf("AddAddress sn lladdr0: %v", err)
}
c.linkEP1 = channel.New(256, defaultMTU, linkAddr1)
wrappedEP1 := stack.LinkEndpoint(endpointWithResolutionCapability{LinkEndpoint: c.linkEP1})
@ -231,6 +234,9 @@ func newTestContext(t *testing.T) *testContext {
if err := c.s1.AddAddress(1, ProtocolNumber, lladdr1); err != nil {
t.Fatalf("AddAddress lladdr1: %v", err)
}
if err := c.s1.AddAddress(1, ProtocolNumber, header.SolicitedNodeAddr(lladdr1)); err != nil {
t.Fatalf("AddAddress sn lladdr1: %v", err)
}
subnet0, err := tcpip.NewSubnet(lladdr1, tcpip.AddressMask(strings.Repeat("\xff", len(lladdr1))))
if err != nil {

215
pkg/tcpip/network/ipv6/ipv6_test.go
View File

@ -1,215 +0,0 @@
// Copyright 2019 The gVisor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package ipv6
import (
"testing"
"gvisor.dev/gvisor/pkg/tcpip"
"gvisor.dev/gvisor/pkg/tcpip/buffer"
"gvisor.dev/gvisor/pkg/tcpip/header"
"gvisor.dev/gvisor/pkg/tcpip/link/channel"
"gvisor.dev/gvisor/pkg/tcpip/stack"
"gvisor.dev/gvisor/pkg/tcpip/transport/icmp"
"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
"gvisor.dev/gvisor/pkg/waiter"
)
const (
addr1 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
addr2 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02"
// The least significant 3 bytes are the same as addr2 so both addr2 and
// addr3 will have the same solicited-node address.
addr3 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x02"
)
// testReceiveICMP tests receiving an ICMP packet from src to dst. want is the
// expected Neighbor Advertisement received count after receiving the packet.
func testReceiveICMP(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64) {
t.Helper()
// Receive ICMP packet.
hdr := buffer.NewPrependable(header.IPv6MinimumSize + header.ICMPv6NeighborAdvertSize)
pkt := header.ICMPv6(hdr.Prepend(header.ICMPv6NeighborAdvertSize))
pkt.SetType(header.ICMPv6NeighborAdvert)
pkt.SetChecksum(header.ICMPv6Checksum(pkt, src, dst, buffer.VectorisedView{}))
payloadLength := hdr.UsedLength()
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(payloadLength),
NextHeader: uint8(header.ICMPv6ProtocolNumber),
HopLimit: 255,
SrcAddr: src,
DstAddr: dst,
})
e.Inject(ProtocolNumber, hdr.View().ToVectorisedView())
stats := s.Stats().ICMP.V6PacketsReceived
if got := stats.NeighborAdvert.Value(); got != want {
t.Fatalf("got NeighborAdvert = %d, want = %d", got, want)
}
}
// testReceiveICMP tests receiving a UDP packet from src to dst. want is the
// expected UDP received count after receiving the packet.
func testReceiveUDP(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64) {
t.Helper()
wq := waiter.Queue{}
we, ch := waiter.NewChannelEntry(nil)
wq.EventRegister(&we, waiter.EventIn)
defer wq.EventUnregister(&we)
defer close(ch)
ep, err := s.NewEndpoint(udp.ProtocolNumber, ProtocolNumber, &wq)
if err != nil {
t.Fatalf("NewEndpoint failed: %v", err)
}
defer ep.Close()
if err := ep.Bind(tcpip.FullAddress{Addr: dst, Port: 80}); err != nil {
t.Fatalf("ep.Bind(...) failed: %v", err)
}
// Receive UDP Packet.
hdr := buffer.NewPrependable(header.IPv6MinimumSize + header.UDPMinimumSize)
u := header.UDP(hdr.Prepend(header.UDPMinimumSize))
u.Encode(&header.UDPFields{
SrcPort: 5555,
DstPort: 80,
Length: header.UDPMinimumSize,
})
// UDP pseudo-header checksum.
sum := header.PseudoHeaderChecksum(udp.ProtocolNumber, src, dst, header.UDPMinimumSize)
// UDP checksum
sum = header.Checksum(header.UDP([]byte{}), sum)
u.SetChecksum(^u.CalculateChecksum(sum))
payloadLength := hdr.UsedLength()
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
ip.Encode(&header.IPv6Fields{
PayloadLength: uint16(payloadLength),
NextHeader: uint8(udp.ProtocolNumber),
HopLimit: 255,
SrcAddr: src,
DstAddr: dst,
})
e.Inject(ProtocolNumber, hdr.View().ToVectorisedView())
stat := s.Stats().UDP.PacketsReceived
if got := stat.Value(); got != want {
t.Fatalf("got UDPPacketsReceived = %d, want = %d", got, want)
}
}
// TestReceiveOnAllNodesMulticastAddr tests that IPv6 endpoints receive ICMP and
// UDP packets destined to the IPv6 link-local all-nodes multicast address.
func TestReceiveOnAllNodesMulticastAddr(t *testing.T) {
tests := []struct {
name string
protocolName string
rxf func(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64)
}{
{"ICMP", icmp.ProtocolName6, testReceiveICMP},
{"UDP", udp.ProtocolName, testReceiveUDP},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
s := stack.New([]string{ProtocolName}, []string{test.protocolName}, stack.Options{})
e := channel.New(10, 1280, linkAddr1)
if err := s.CreateNIC(1, e); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
// Should receive a packet destined to the all-nodes
// multicast address.
test.rxf(t, s, e, addr1, header.IPv6AllNodesMulticastAddress, 1)
})
}
}
// TestReceiveOnSolicitedNodeAddr tests that IPv6 endpoints receive ICMP and UDP
// packets destined to the IPv6 solicited-node address of an assigned IPv6
// address.
func TestReceiveOnSolicitedNodeAddr(t *testing.T) {
tests := []struct {
name string
protocolName string
rxf func(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64)
}{
{"ICMP", icmp.ProtocolName6, testReceiveICMP},
{"UDP", udp.ProtocolName, testReceiveUDP},
}
snmc := header.SolicitedNodeAddr(addr2)
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
s := stack.New([]string{ProtocolName}, []string{test.protocolName}, stack.Options{})
e := channel.New(10, 1280, linkAddr1)
if err := s.CreateNIC(1, e); err != nil {
t.Fatalf("CreateNIC(_) = %s", err)
}
// Should not receive a packet destined to the solicited
// node address of addr2/addr3 yet as we haven't added
// those addresses.
test.rxf(t, s, e, addr1, snmc, 0)
if err := s.AddAddress(1, ProtocolNumber, addr2); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, addr2, err)
}
// Should receive a packet destined to the solicited
// node address of addr2/addr3 now that we have added
// added addr2.
test.rxf(t, s, e, addr1, snmc, 1)
if err := s.AddAddress(1, ProtocolNumber, addr3); err != nil {
t.Fatalf("AddAddress(_, %d, %s) = %s", ProtocolNumber, addr3, err)
}
// Should still receive a packet destined to the
// solicited node address of addr2/addr3 now that we
// have added addr3.
test.rxf(t, s, e, addr1, snmc, 2)
if err := s.RemoveAddress(1, addr2); err != nil {
t.Fatalf("RemoveAddress(_, %s) = %s", addr2, err)
}
// Should still receive a packet destined to the
// solicited node address of addr2/addr3 now that we
// have removed addr2.
test.rxf(t, s, e, addr1, snmc, 3)
if err := s.RemoveAddress(1, addr3); err != nil {
t.Fatalf("RemoveAddress(_, %s) = %s", addr3, err)
}
// Should not receive a packet destined to the solicited
// node address of addr2/addr3 yet as both of them got
// removed.
test.rxf(t, s, e, addr1, snmc, 3)
})
}
}

69
pkg/tcpip/stack/nic.go
View File

@ -102,25 +102,6 @@ func newNIC(stack *Stack, id tcpip.NICID, name string, ep LinkEndpoint, loopback
}
}
// enable enables the NIC. enable will attach the link to its LinkEndpoint and
// join the IPv6 All-Nodes Multicast address (ff02::1).
func (n *NIC) enable() *tcpip.Error {
n.attachLinkEndpoint()
// Join the IPv6 All-Nodes Multicast group if the stack is configured to
// use IPv6. This is required to ensure that this node properly receives
// and responds to the various NDP messages that are destined to the
// all-nodes multicast address. An example is the Neighbor Advertisement
// when we perform Duplicate Address Detection, or Router Advertisement
// when we do Router Discovery. See RFC 4862, section 5.4.2 and RFC 4861
// section 4.2 for more information.
if _, ok := n.stack.networkProtocols[header.IPv6ProtocolNumber]; ok {
return n.joinGroup(header.IPv6ProtocolNumber, header.IPv6AllNodesMulticastAddress)
}
return nil
}
// attachLinkEndpoint attaches the NIC to the endpoint, which will enable it
// to start delivering packets.
func (n *NIC) attachLinkEndpoint() {
@ -358,15 +339,6 @@ func (n *NIC) addAddressLocked(protocolAddress tcpip.ProtocolAddress, peb Primar
}
}
// If we are adding an IPv6 address, join the solicited-node multicast
// address for a unicast protocolAddress.
if protocolAddress.Protocol == header.IPv6ProtocolNumber && !header.IsV6MulticastAddress(protocolAddress.AddressWithPrefix.Address) {
snmc := header.SolicitedNodeAddr(protocolAddress.AddressWithPrefix.Address)
if err := n.joinGroupLocked(protocolAddress.Protocol, snmc); err != nil {
return nil, err
}
}
n.endpoints[id] = ref
l, ok := n.primary[protocolAddress.Protocol]
@ -495,27 +467,13 @@ func (n *NIC) removeEndpoint(r *referencedNetworkEndpoint) {
}
func (n *NIC) removePermanentAddressLocked(addr tcpip.Address) *tcpip.Error {
r, ok := n.endpoints[NetworkEndpointID{addr}]
if !ok || r.getKind() != permanent {
r := n.endpoints[NetworkEndpointID{addr}]
if r == nil || r.getKind() != permanent {
return tcpip.ErrBadLocalAddress
}
r.setKind(permanentExpired)
if !r.decRefLocked() {
// The endpoint still has references to it.
return nil
}
// At this point the endpoint is deleted.
// If we are removing an IPv6 address, leave the solicited-node
// multicast address for a unicast addr.
if r.protocol == header.IPv6ProtocolNumber && !header.IsV6MulticastAddress(addr) {
snmc := header.SolicitedNodeAddr(addr)
if err := n.leaveGroupLocked(snmc); err != nil {
return err
}
}
r.decRefLocked()
return nil
}
@ -533,13 +491,6 @@ func (n *NIC) joinGroup(protocol tcpip.NetworkProtocolNumber, addr tcpip.Address
n.mu.Lock()
defer n.mu.Unlock()
return n.joinGroupLocked(protocol, addr)
}
// joinGroupLocked adds a new endpoint for the given multicast address, if none
// exists yet. Otherwise it just increments its count. n MUST be locked before
// joinGroupLocked is called.
func (n *NIC) joinGroupLocked(protocol tcpip.NetworkProtocolNumber, addr tcpip.Address) *tcpip.Error {
id := NetworkEndpointID{addr}
joins := n.mcastJoins[id]
if joins == 0 {
@ -567,13 +518,6 @@ func (n *NIC) leaveGroup(addr tcpip.Address) *tcpip.Error {
n.mu.Lock()
defer n.mu.Unlock()
return n.leaveGroupLocked(addr)
}
// leaveGroupLocked decrements the count for the given multicast address, and
// when it reaches zero removes the endpoint for this address. n MUST be locked
// before leaveGroupLocked is called.
func (n *NIC) leaveGroupLocked(addr tcpip.Address) *tcpip.Error {
id := NetworkEndpointID{addr}
joins := n.mcastJoins[id]
switch joins {
@ -858,14 +802,11 @@ func (r *referencedNetworkEndpoint) decRef() {
}
// decRefLocked is the same as decRef but assumes that the NIC.mu mutex is
// locked. Returns true if the endpoint was removed.
func (r *referencedNetworkEndpoint) decRefLocked() bool {
// locked.
func (r *referencedNetworkEndpoint) decRefLocked() {
if atomic.AddInt32(&r.refs, -1) == 0 {
r.nic.removeEndpointLocked(r)
return true
}
return false
}
// incRef increments the ref count. It must only be called when the caller is

6
pkg/tcpip/stack/stack.go
View File

@ -633,7 +633,7 @@ func (s *Stack) createNIC(id tcpip.NICID, name string, ep LinkEndpoint, enabled,
s.nics[id] = n
if enabled {
return n.enable()
n.attachLinkEndpoint()
}
return nil
@ -680,7 +680,9 @@ func (s *Stack) EnableNIC(id tcpip.NICID) *tcpip.Error {
return tcpip.ErrUnknownNICID
}
return nic.enable()
nic.attachLinkEndpoint()
return nil
}
// CheckNIC checks if a NIC is usable.