2139 lines
61 KiB
Go
2139 lines
61 KiB
Go
// Copyright 2019 The gVisor Authors.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package ipv6
|
|
|
|
import (
|
|
"math"
|
|
"testing"
|
|
|
|
"github.com/google/go-cmp/cmp"
|
|
"gvisor.dev/gvisor/pkg/tcpip"
|
|
"gvisor.dev/gvisor/pkg/tcpip/buffer"
|
|
"gvisor.dev/gvisor/pkg/tcpip/checker"
|
|
"gvisor.dev/gvisor/pkg/tcpip/header"
|
|
"gvisor.dev/gvisor/pkg/tcpip/link/channel"
|
|
"gvisor.dev/gvisor/pkg/tcpip/network/testutil"
|
|
"gvisor.dev/gvisor/pkg/tcpip/stack"
|
|
"gvisor.dev/gvisor/pkg/tcpip/transport/icmp"
|
|
"gvisor.dev/gvisor/pkg/tcpip/transport/udp"
|
|
"gvisor.dev/gvisor/pkg/waiter"
|
|
)
|
|
|
|
const (
|
|
addr1 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
|
|
addr2 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02"
|
|
// The least significant 3 bytes are the same as addr2 so both addr2 and
|
|
// addr3 will have the same solicited-node address.
|
|
addr3 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x02"
|
|
addr4 = "\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x03"
|
|
|
|
// Tests use the extension header identifier values as uint8 instead of
|
|
// header.IPv6ExtensionHeaderIdentifier.
|
|
hopByHopExtHdrID = uint8(header.IPv6HopByHopOptionsExtHdrIdentifier)
|
|
routingExtHdrID = uint8(header.IPv6RoutingExtHdrIdentifier)
|
|
fragmentExtHdrID = uint8(header.IPv6FragmentExtHdrIdentifier)
|
|
destinationExtHdrID = uint8(header.IPv6DestinationOptionsExtHdrIdentifier)
|
|
noNextHdrID = uint8(header.IPv6NoNextHeaderIdentifier)
|
|
)
|
|
|
|
// testReceiveICMP tests receiving an ICMP packet from src to dst. want is the
|
|
// expected Neighbor Advertisement received count after receiving the packet.
|
|
func testReceiveICMP(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64) {
|
|
t.Helper()
|
|
|
|
// Receive ICMP packet.
|
|
hdr := buffer.NewPrependable(header.IPv6MinimumSize + header.ICMPv6NeighborAdvertSize)
|
|
pkt := header.ICMPv6(hdr.Prepend(header.ICMPv6NeighborAdvertSize))
|
|
pkt.SetType(header.ICMPv6NeighborAdvert)
|
|
pkt.SetChecksum(header.ICMPv6Checksum(pkt, src, dst, buffer.VectorisedView{}))
|
|
payloadLength := hdr.UsedLength()
|
|
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
|
|
ip.Encode(&header.IPv6Fields{
|
|
PayloadLength: uint16(payloadLength),
|
|
NextHeader: uint8(header.ICMPv6ProtocolNumber),
|
|
HopLimit: 255,
|
|
SrcAddr: src,
|
|
DstAddr: dst,
|
|
})
|
|
|
|
e.InjectInbound(ProtocolNumber, stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
Data: hdr.View().ToVectorisedView(),
|
|
}))
|
|
|
|
stats := s.Stats().ICMP.V6PacketsReceived
|
|
|
|
if got := stats.NeighborAdvert.Value(); got != want {
|
|
t.Fatalf("got NeighborAdvert = %d, want = %d", got, want)
|
|
}
|
|
}
|
|
|
|
// testReceiveUDP tests receiving a UDP packet from src to dst. want is the
|
|
// expected UDP received count after receiving the packet.
|
|
func testReceiveUDP(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64) {
|
|
t.Helper()
|
|
|
|
wq := waiter.Queue{}
|
|
we, ch := waiter.NewChannelEntry(nil)
|
|
wq.EventRegister(&we, waiter.EventIn)
|
|
defer wq.EventUnregister(&we)
|
|
defer close(ch)
|
|
|
|
ep, err := s.NewEndpoint(udp.ProtocolNumber, ProtocolNumber, &wq)
|
|
if err != nil {
|
|
t.Fatalf("NewEndpoint failed: %v", err)
|
|
}
|
|
defer ep.Close()
|
|
|
|
if err := ep.Bind(tcpip.FullAddress{Addr: dst, Port: 80}); err != nil {
|
|
t.Fatalf("ep.Bind(...) failed: %v", err)
|
|
}
|
|
|
|
// Receive UDP Packet.
|
|
hdr := buffer.NewPrependable(header.IPv6MinimumSize + header.UDPMinimumSize)
|
|
u := header.UDP(hdr.Prepend(header.UDPMinimumSize))
|
|
u.Encode(&header.UDPFields{
|
|
SrcPort: 5555,
|
|
DstPort: 80,
|
|
Length: header.UDPMinimumSize,
|
|
})
|
|
|
|
// UDP pseudo-header checksum.
|
|
sum := header.PseudoHeaderChecksum(udp.ProtocolNumber, src, dst, header.UDPMinimumSize)
|
|
|
|
// UDP checksum
|
|
sum = header.Checksum(header.UDP([]byte{}), sum)
|
|
u.SetChecksum(^u.CalculateChecksum(sum))
|
|
|
|
payloadLength := hdr.UsedLength()
|
|
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
|
|
ip.Encode(&header.IPv6Fields{
|
|
PayloadLength: uint16(payloadLength),
|
|
NextHeader: uint8(udp.ProtocolNumber),
|
|
HopLimit: 255,
|
|
SrcAddr: src,
|
|
DstAddr: dst,
|
|
})
|
|
|
|
e.InjectInbound(ProtocolNumber, stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
Data: hdr.View().ToVectorisedView(),
|
|
}))
|
|
|
|
stat := s.Stats().UDP.PacketsReceived
|
|
|
|
if got := stat.Value(); got != want {
|
|
t.Fatalf("got UDPPacketsReceived = %d, want = %d", got, want)
|
|
}
|
|
}
|
|
|
|
// TestReceiveOnAllNodesMulticastAddr tests that IPv6 endpoints receive ICMP and
|
|
// UDP packets destined to the IPv6 link-local all-nodes multicast address.
|
|
func TestReceiveOnAllNodesMulticastAddr(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
protocolFactory stack.TransportProtocolFactory
|
|
rxf func(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64)
|
|
}{
|
|
{"ICMP", icmp.NewProtocol6, testReceiveICMP},
|
|
{"UDP", udp.NewProtocol, testReceiveUDP},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
TransportProtocols: []stack.TransportProtocolFactory{test.protocolFactory},
|
|
})
|
|
e := channel.New(10, 1280, linkAddr1)
|
|
if err := s.CreateNIC(1, e); err != nil {
|
|
t.Fatalf("CreateNIC(_) = %s", err)
|
|
}
|
|
|
|
// Should receive a packet destined to the all-nodes
|
|
// multicast address.
|
|
test.rxf(t, s, e, addr1, header.IPv6AllNodesMulticastAddress, 1)
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestReceiveOnSolicitedNodeAddr tests that IPv6 endpoints receive ICMP and UDP
|
|
// packets destined to the IPv6 solicited-node address of an assigned IPv6
|
|
// address.
|
|
func TestReceiveOnSolicitedNodeAddr(t *testing.T) {
|
|
const nicID = 1
|
|
|
|
tests := []struct {
|
|
name string
|
|
protocolFactory stack.TransportProtocolFactory
|
|
rxf func(t *testing.T, s *stack.Stack, e *channel.Endpoint, src, dst tcpip.Address, want uint64)
|
|
}{
|
|
{"ICMP", icmp.NewProtocol6, testReceiveICMP},
|
|
{"UDP", udp.NewProtocol, testReceiveUDP},
|
|
}
|
|
|
|
snmc := header.SolicitedNodeAddr(addr2)
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
TransportProtocols: []stack.TransportProtocolFactory{test.protocolFactory},
|
|
})
|
|
e := channel.New(1, 1280, linkAddr1)
|
|
if err := s.CreateNIC(nicID, e); err != nil {
|
|
t.Fatalf("CreateNIC(%d, _) = %s", nicID, err)
|
|
}
|
|
|
|
s.SetRouteTable([]tcpip.Route{
|
|
tcpip.Route{
|
|
Destination: header.IPv6EmptySubnet,
|
|
NIC: nicID,
|
|
},
|
|
})
|
|
|
|
// Should not receive a packet destined to the solicited node address of
|
|
// addr2/addr3 yet as we haven't added those addresses.
|
|
test.rxf(t, s, e, addr1, snmc, 0)
|
|
|
|
if err := s.AddAddress(nicID, ProtocolNumber, addr2); err != nil {
|
|
t.Fatalf("AddAddress(%d, %d, %s) = %s", nicID, ProtocolNumber, addr2, err)
|
|
}
|
|
|
|
// Should receive a packet destined to the solicited node address of
|
|
// addr2/addr3 now that we have added added addr2.
|
|
test.rxf(t, s, e, addr1, snmc, 1)
|
|
|
|
if err := s.AddAddress(nicID, ProtocolNumber, addr3); err != nil {
|
|
t.Fatalf("AddAddress(%d, %d, %s) = %s", nicID, ProtocolNumber, addr3, err)
|
|
}
|
|
|
|
// Should still receive a packet destined to the solicited node address of
|
|
// addr2/addr3 now that we have added addr3.
|
|
test.rxf(t, s, e, addr1, snmc, 2)
|
|
|
|
if err := s.RemoveAddress(nicID, addr2); err != nil {
|
|
t.Fatalf("RemoveAddress(%d, %s) = %s", nicID, addr2, err)
|
|
}
|
|
|
|
// Should still receive a packet destined to the solicited node address of
|
|
// addr2/addr3 now that we have removed addr2.
|
|
test.rxf(t, s, e, addr1, snmc, 3)
|
|
|
|
// Make sure addr3's endpoint does not get removed from the NIC by
|
|
// incrementing its reference count with a route.
|
|
r, err := s.FindRoute(nicID, addr3, addr4, ProtocolNumber, false)
|
|
if err != nil {
|
|
t.Fatalf("FindRoute(%d, %s, %s, %d, false): %s", nicID, addr3, addr4, ProtocolNumber, err)
|
|
}
|
|
defer r.Release()
|
|
|
|
if err := s.RemoveAddress(nicID, addr3); err != nil {
|
|
t.Fatalf("RemoveAddress(%d, %s) = %s", nicID, addr3, err)
|
|
}
|
|
|
|
// Should not receive a packet destined to the solicited node address of
|
|
// addr2/addr3 yet as both of them got removed, even though a route using
|
|
// addr3 exists.
|
|
test.rxf(t, s, e, addr1, snmc, 3)
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestAddIpv6Address tests adding IPv6 addresses.
|
|
func TestAddIpv6Address(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
addr tcpip.Address
|
|
}{
|
|
// This test is in response to b/140943433.
|
|
{
|
|
"Nil",
|
|
tcpip.Address([]byte(nil)),
|
|
},
|
|
{
|
|
"ValidUnicast",
|
|
addr1,
|
|
},
|
|
{
|
|
"ValidLinkLocalUnicast",
|
|
lladdr0,
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
})
|
|
if err := s.CreateNIC(1, &stubLinkEndpoint{}); err != nil {
|
|
t.Fatalf("CreateNIC(_) = %s", err)
|
|
}
|
|
|
|
if err := s.AddAddress(1, ProtocolNumber, test.addr); err != nil {
|
|
t.Fatalf("AddAddress(_, %d, nil) = %s", ProtocolNumber, err)
|
|
}
|
|
|
|
addr, err := s.GetMainNICAddress(1, header.IPv6ProtocolNumber)
|
|
if err != nil {
|
|
t.Fatalf("stack.GetMainNICAddress(_, _) err = %s", err)
|
|
}
|
|
if addr.Address != test.addr {
|
|
t.Fatalf("got stack.GetMainNICAddress(_, _) = %s, want = %s", addr.Address, test.addr)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestReceiveIPv6ExtHdrs(t *testing.T) {
|
|
const nicID = 1
|
|
|
|
tests := []struct {
|
|
name string
|
|
extHdr func(nextHdr uint8) ([]byte, uint8)
|
|
shouldAccept bool
|
|
// Should we expect an ICMP response and if so, with what contents?
|
|
expectICMP bool
|
|
ICMPType header.ICMPv6Type
|
|
ICMPCode header.ICMPv6Code
|
|
pointer uint32
|
|
multicast bool
|
|
}{
|
|
{
|
|
name: "None",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) { return []byte{}, nextHdr },
|
|
shouldAccept: true,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option skippable action",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Skippable unknown.
|
|
62, 6, 1, 2, 3, 4, 5, 6,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option discard action",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard unknown.
|
|
127, 6, 1, 2, 3, 4, 5, 6,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option discard and send icmp action (unicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP if option is unknown.
|
|
191, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ Unknown option.
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option discard and send icmp action (multicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP if option is unknown.
|
|
191, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ Unknown option.
|
|
}, hopByHopExtHdrID
|
|
},
|
|
multicast: true,
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option discard and send icmp action unless multicast dest (unicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP unless packet is for multicast destination if
|
|
// option is unknown.
|
|
255, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ Unknown option.
|
|
}, hopByHopExtHdrID
|
|
},
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "hopbyhop with unknown option discard and send icmp action unless multicast dest (multicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP unless packet is for multicast destination if
|
|
// option is unknown.
|
|
255, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ Unknown option.
|
|
}, hopByHopExtHdrID
|
|
},
|
|
multicast: true,
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "routing with zero segments left",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 0,
|
|
1, 0, 2, 3, 4, 5,
|
|
}, routingExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "routing with non-zero segments left",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 0,
|
|
1, 1, 2, 3, 4, 5,
|
|
}, routingExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6ErroneousHeader,
|
|
pointer: header.IPv6FixedHeaderSize + 2,
|
|
},
|
|
{
|
|
name: "atomic fragment with zero ID",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 0,
|
|
0, 0, 0, 0, 0, 0,
|
|
}, fragmentExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "atomic fragment with non-zero ID",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 0,
|
|
0, 0, 1, 2, 3, 4,
|
|
}, fragmentExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "fragment",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 0,
|
|
1, 0, 1, 2, 3, 4,
|
|
}, fragmentExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "No next header",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{},
|
|
noNextHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "destination with unknown option skippable action",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Skippable unknown.
|
|
62, 6, 1, 2, 3, 4, 5, 6,
|
|
}, destinationExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "destination with unknown option discard action",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard unknown.
|
|
127, 6, 1, 2, 3, 4, 5, 6,
|
|
}, destinationExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "destination with unknown option discard and send icmp action (unicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP if option is unknown.
|
|
191, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ 191 is an unknown option.
|
|
}, destinationExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "destination with unknown option discard and send icmp action (muilticast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP if option is unknown.
|
|
191, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ 191 is an unknown option.
|
|
}, destinationExtHdrID
|
|
},
|
|
multicast: true,
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "destination with unknown option discard and send icmp action unless multicast dest (unicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP unless packet is for multicast destination if
|
|
// option is unknown.
|
|
255, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ 255 is unknown.
|
|
}, destinationExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownOption,
|
|
pointer: header.IPv6FixedHeaderSize + 8,
|
|
},
|
|
{
|
|
name: "destination with unknown option discard and send icmp action unless multicast dest (multicast)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Discard & send ICMP unless packet is for multicast destination if
|
|
// option is unknown.
|
|
255, 6, 1, 2, 3, 4, 5, 6,
|
|
//^ 255 is unknown.
|
|
}, destinationExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
multicast: true,
|
|
},
|
|
{
|
|
name: "atomic fragment - routing",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Fragment extension header.
|
|
routingExtHdrID, 0, 0, 0, 1, 2, 3, 4,
|
|
|
|
// Routing extension header.
|
|
nextHdr, 0, 1, 0, 2, 3, 4, 5,
|
|
}, fragmentExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "hop by hop (with skippable unknown) - routing",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Hop By Hop extension header with skippable unknown option.
|
|
routingExtHdrID, 0, 62, 4, 1, 2, 3, 4,
|
|
|
|
// Routing extension header.
|
|
nextHdr, 0, 1, 0, 2, 3, 4, 5,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "routing - hop by hop (with skippable unknown)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Routing extension header.
|
|
hopByHopExtHdrID, 0, 1, 0, 2, 3, 4, 5,
|
|
// ^^^ The HopByHop extension header may not appear after the first
|
|
// extension header.
|
|
|
|
// Hop By Hop extension header with skippable unknown option.
|
|
nextHdr, 0, 62, 4, 1, 2, 3, 4,
|
|
}, routingExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownHeader,
|
|
pointer: header.IPv6FixedHeaderSize,
|
|
},
|
|
{
|
|
name: "routing - hop by hop (with send icmp unknown)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Routing extension header.
|
|
hopByHopExtHdrID, 0, 1, 0, 2, 3, 4, 5,
|
|
// ^^^ The HopByHop extension header may not appear after the first
|
|
// extension header.
|
|
|
|
nextHdr, 1,
|
|
|
|
// Skippable unknown.
|
|
63, 4, 1, 2, 3, 4,
|
|
|
|
// Skippable unknown.
|
|
191, 6, 1, 2, 3, 4, 5, 6,
|
|
}, routingExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: true,
|
|
ICMPType: header.ICMPv6ParamProblem,
|
|
ICMPCode: header.ICMPv6UnknownHeader,
|
|
pointer: header.IPv6FixedHeaderSize,
|
|
},
|
|
{
|
|
name: "No next header",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) { return []byte{}, noNextHdrID },
|
|
shouldAccept: false,
|
|
},
|
|
{
|
|
name: "hopbyhop (with skippable unknown) - routing - atomic fragment - destination (with skippable unknown)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Hop By Hop extension header with skippable unknown option.
|
|
routingExtHdrID, 0, 62, 4, 1, 2, 3, 4,
|
|
|
|
// Routing extension header.
|
|
fragmentExtHdrID, 0, 1, 0, 2, 3, 4, 5,
|
|
|
|
// Fragment extension header.
|
|
destinationExtHdrID, 0, 0, 0, 1, 2, 3, 4,
|
|
|
|
// Destination extension header with skippable unknown option.
|
|
nextHdr, 0, 63, 4, 1, 2, 3, 4,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: true,
|
|
},
|
|
{
|
|
name: "hopbyhop (with discard unknown) - routing - atomic fragment - destination (with skippable unknown)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Hop By Hop extension header with discard action for unknown option.
|
|
routingExtHdrID, 0, 65, 4, 1, 2, 3, 4,
|
|
|
|
// Routing extension header.
|
|
fragmentExtHdrID, 0, 1, 0, 2, 3, 4, 5,
|
|
|
|
// Fragment extension header.
|
|
destinationExtHdrID, 0, 0, 0, 1, 2, 3, 4,
|
|
|
|
// Destination extension header with skippable unknown option.
|
|
nextHdr, 0, 63, 4, 1, 2, 3, 4,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
{
|
|
name: "hopbyhop (with skippable unknown) - routing - atomic fragment - destination (with discard unknown)",
|
|
extHdr: func(nextHdr uint8) ([]byte, uint8) {
|
|
return []byte{
|
|
// Hop By Hop extension header with skippable unknown option.
|
|
routingExtHdrID, 0, 62, 4, 1, 2, 3, 4,
|
|
|
|
// Routing extension header.
|
|
fragmentExtHdrID, 0, 1, 0, 2, 3, 4, 5,
|
|
|
|
// Fragment extension header.
|
|
destinationExtHdrID, 0, 0, 0, 1, 2, 3, 4,
|
|
|
|
// Destination extension header with discard action for unknown
|
|
// option.
|
|
nextHdr, 0, 65, 4, 1, 2, 3, 4,
|
|
}, hopByHopExtHdrID
|
|
},
|
|
shouldAccept: false,
|
|
expectICMP: false,
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
TransportProtocols: []stack.TransportProtocolFactory{udp.NewProtocol},
|
|
})
|
|
e := channel.New(1, 1280, linkAddr1)
|
|
if err := s.CreateNIC(nicID, e); err != nil {
|
|
t.Fatalf("CreateNIC(%d, _) = %s", nicID, err)
|
|
}
|
|
if err := s.AddAddress(nicID, ProtocolNumber, addr2); err != nil {
|
|
t.Fatalf("AddAddress(%d, %d, %s) = %s", nicID, ProtocolNumber, addr2, err)
|
|
}
|
|
|
|
// Add a default route so that a return packet knows where to go.
|
|
s.SetRouteTable([]tcpip.Route{
|
|
{
|
|
Destination: header.IPv6EmptySubnet,
|
|
NIC: nicID,
|
|
},
|
|
})
|
|
|
|
wq := waiter.Queue{}
|
|
we, ch := waiter.NewChannelEntry(nil)
|
|
wq.EventRegister(&we, waiter.EventIn)
|
|
defer wq.EventUnregister(&we)
|
|
defer close(ch)
|
|
ep, err := s.NewEndpoint(udp.ProtocolNumber, ProtocolNumber, &wq)
|
|
if err != nil {
|
|
t.Fatalf("NewEndpoint(%d, %d, _): %s", udp.ProtocolNumber, ProtocolNumber, err)
|
|
}
|
|
defer ep.Close()
|
|
|
|
bindAddr := tcpip.FullAddress{Addr: addr2, Port: 80}
|
|
if err := ep.Bind(bindAddr); err != nil {
|
|
t.Fatalf("Bind(%+v): %s", bindAddr, err)
|
|
}
|
|
|
|
udpPayload := []byte{1, 2, 3, 4, 5, 6, 7, 8}
|
|
udpLength := header.UDPMinimumSize + len(udpPayload)
|
|
extHdrBytes, ipv6NextHdr := test.extHdr(uint8(header.UDPProtocolNumber))
|
|
extHdrLen := len(extHdrBytes)
|
|
hdr := buffer.NewPrependable(header.IPv6MinimumSize + extHdrLen + udpLength)
|
|
|
|
// Serialize UDP message.
|
|
u := header.UDP(hdr.Prepend(udpLength))
|
|
u.Encode(&header.UDPFields{
|
|
SrcPort: 5555,
|
|
DstPort: 80,
|
|
Length: uint16(udpLength),
|
|
})
|
|
copy(u.Payload(), udpPayload)
|
|
sum := header.PseudoHeaderChecksum(udp.ProtocolNumber, addr1, addr2, uint16(udpLength))
|
|
sum = header.Checksum(udpPayload, sum)
|
|
u.SetChecksum(^u.CalculateChecksum(sum))
|
|
|
|
// Copy extension header bytes between the UDP message and the IPv6
|
|
// fixed header.
|
|
copy(hdr.Prepend(extHdrLen), extHdrBytes)
|
|
|
|
// Serialize IPv6 fixed header.
|
|
payloadLength := hdr.UsedLength()
|
|
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
|
|
dstAddr := tcpip.Address(addr2)
|
|
if test.multicast {
|
|
dstAddr = header.IPv6AllNodesMulticastAddress
|
|
}
|
|
ip.Encode(&header.IPv6Fields{
|
|
PayloadLength: uint16(payloadLength),
|
|
NextHeader: ipv6NextHdr,
|
|
HopLimit: 255,
|
|
SrcAddr: addr1,
|
|
DstAddr: dstAddr,
|
|
})
|
|
|
|
e.InjectInbound(ProtocolNumber, stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
Data: hdr.View().ToVectorisedView(),
|
|
}))
|
|
|
|
stats := s.Stats().UDP.PacketsReceived
|
|
|
|
if !test.shouldAccept {
|
|
if got := stats.Value(); got != 0 {
|
|
t.Errorf("got UDP Rx Packets = %d, want = 0", got)
|
|
}
|
|
|
|
if !test.expectICMP {
|
|
if p, ok := e.Read(); ok {
|
|
t.Fatalf("unexpected packet received: %#v", p)
|
|
}
|
|
return
|
|
}
|
|
|
|
// ICMP required.
|
|
p, ok := e.Read()
|
|
if !ok {
|
|
t.Fatalf("expected packet wasn't written out")
|
|
}
|
|
|
|
// Pack the output packet into a single buffer.View as the checkers
|
|
// assume that.
|
|
vv := buffer.NewVectorisedView(p.Pkt.Size(), p.Pkt.Views())
|
|
pkt := vv.ToView()
|
|
if got, want := len(pkt), header.IPv6FixedHeaderSize+header.ICMPv6MinimumSize+hdr.UsedLength(); got != want {
|
|
t.Fatalf("got an ICMP packet of size = %d, want = %d", got, want)
|
|
}
|
|
|
|
ipHdr := header.IPv6(pkt)
|
|
checker.IPv6(t, ipHdr, checker.ICMPv6(
|
|
checker.ICMPv6Type(test.ICMPType),
|
|
checker.ICMPv6Code(test.ICMPCode)))
|
|
|
|
// We know we are looking at no extension headers in the error ICMP
|
|
// packets.
|
|
icmpPkt := header.ICMPv6(ipHdr.Payload())
|
|
// We know we sent small packets that won't be truncated when reflected
|
|
// back to us.
|
|
originalPacket := icmpPkt.Payload()
|
|
if got, want := icmpPkt.TypeSpecific(), test.pointer; got != want {
|
|
t.Errorf("unexpected ICMPv6 pointer, got = %d, want = %d\n", got, want)
|
|
}
|
|
if diff := cmp.Diff(hdr.View(), buffer.View(originalPacket)); diff != "" {
|
|
t.Errorf("ICMPv6 payload mismatch (-want +got):\n%s", diff)
|
|
}
|
|
return
|
|
}
|
|
|
|
// Expect a UDP packet.
|
|
if got := stats.Value(); got != 1 {
|
|
t.Errorf("got UDP Rx Packets = %d, want = 1", got)
|
|
}
|
|
gotPayload, _, err := ep.Read(nil)
|
|
if err != nil {
|
|
t.Fatalf("Read(nil): %s", err)
|
|
}
|
|
if diff := cmp.Diff(buffer.View(udpPayload), gotPayload); diff != "" {
|
|
t.Errorf("got UDP payload mismatch (-want +got):\n%s", diff)
|
|
}
|
|
|
|
// Should not have any more UDP packets.
|
|
if gotPayload, _, err := ep.Read(nil); err != tcpip.ErrWouldBlock {
|
|
t.Fatalf("got Read(nil) = (%x, _, %v), want = (_, _, %s)", gotPayload, err, tcpip.ErrWouldBlock)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
// fragmentData holds the IPv6 payload for a fragmented IPv6 packet.
|
|
type fragmentData struct {
|
|
srcAddr tcpip.Address
|
|
dstAddr tcpip.Address
|
|
nextHdr uint8
|
|
data buffer.VectorisedView
|
|
}
|
|
|
|
func TestReceiveIPv6Fragments(t *testing.T) {
|
|
const (
|
|
nicID = 1
|
|
udpPayload1Length = 256
|
|
udpPayload2Length = 128
|
|
// Used to test cases where the fragment blocks are not a multiple of
|
|
// the fragment block size of 8 (RFC 8200 section 4.5).
|
|
udpPayload3Length = 127
|
|
udpPayload4Length = header.IPv6MaximumPayloadSize - header.UDPMinimumSize
|
|
fragmentExtHdrLen = 8
|
|
// Note, not all routing extension headers will be 8 bytes but this test
|
|
// uses 8 byte routing extension headers for most sub tests.
|
|
routingExtHdrLen = 8
|
|
)
|
|
|
|
udpGen := func(payload []byte, multiplier uint8, src, dst tcpip.Address) buffer.View {
|
|
payloadLen := len(payload)
|
|
for i := 0; i < payloadLen; i++ {
|
|
payload[i] = uint8(i) * multiplier
|
|
}
|
|
|
|
udpLength := header.UDPMinimumSize + payloadLen
|
|
|
|
hdr := buffer.NewPrependable(udpLength)
|
|
u := header.UDP(hdr.Prepend(udpLength))
|
|
u.Encode(&header.UDPFields{
|
|
SrcPort: 5555,
|
|
DstPort: 80,
|
|
Length: uint16(udpLength),
|
|
})
|
|
copy(u.Payload(), payload)
|
|
sum := header.PseudoHeaderChecksum(udp.ProtocolNumber, src, dst, uint16(udpLength))
|
|
sum = header.Checksum(payload, sum)
|
|
u.SetChecksum(^u.CalculateChecksum(sum))
|
|
return hdr.View()
|
|
}
|
|
|
|
var udpPayload1Addr1ToAddr2Buf [udpPayload1Length]byte
|
|
udpPayload1Addr1ToAddr2 := udpPayload1Addr1ToAddr2Buf[:]
|
|
ipv6Payload1Addr1ToAddr2 := udpGen(udpPayload1Addr1ToAddr2, 1, addr1, addr2)
|
|
|
|
var udpPayload1Addr3ToAddr2Buf [udpPayload1Length]byte
|
|
udpPayload1Addr3ToAddr2 := udpPayload1Addr3ToAddr2Buf[:]
|
|
ipv6Payload1Addr3ToAddr2 := udpGen(udpPayload1Addr3ToAddr2, 4, addr3, addr2)
|
|
|
|
var udpPayload2Addr1ToAddr2Buf [udpPayload2Length]byte
|
|
udpPayload2Addr1ToAddr2 := udpPayload2Addr1ToAddr2Buf[:]
|
|
ipv6Payload2Addr1ToAddr2 := udpGen(udpPayload2Addr1ToAddr2, 2, addr1, addr2)
|
|
|
|
var udpPayload3Addr1ToAddr2Buf [udpPayload3Length]byte
|
|
udpPayload3Addr1ToAddr2 := udpPayload3Addr1ToAddr2Buf[:]
|
|
ipv6Payload3Addr1ToAddr2 := udpGen(udpPayload3Addr1ToAddr2, 3, addr1, addr2)
|
|
|
|
var udpPayload4Addr1ToAddr2Buf [udpPayload4Length]byte
|
|
udpPayload4Addr1ToAddr2 := udpPayload4Addr1ToAddr2Buf[:]
|
|
ipv6Payload4Addr1ToAddr2 := udpGen(udpPayload4Addr1ToAddr2, 4, addr1, addr2)
|
|
|
|
tests := []struct {
|
|
name string
|
|
expectedPayload []byte
|
|
fragments []fragmentData
|
|
expectedPayloads [][]byte
|
|
}{
|
|
{
|
|
name: "No fragmentation",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: uint8(header.UDPProtocolNumber),
|
|
data: ipv6Payload1Addr1ToAddr2.ToVectorisedView(),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Atomic fragment",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2),
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 0, 0, 0, 0, 0}),
|
|
|
|
ipv6Payload1Addr1ToAddr2,
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Atomic fragment with size not a multiple of fragment block size",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload3Addr1ToAddr2),
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 0, 0, 0, 0, 0}),
|
|
|
|
ipv6Payload3Addr1ToAddr2,
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload3Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments out of order",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with different Next Header values",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
// NextHeader value is different than the one in the first fragment, so
|
|
// this NextHeader should be ignored.
|
|
buffer.View([]byte{uint8(header.IPv6NoNextHeaderIdentifier), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with last fragment size not a multiple of fragment block size",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload3Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload3Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload3Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload3Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with first fragment size not a multiple of fragment block size",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+63,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload3Addr1ToAddr2[:63],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload3Addr1ToAddr2)-63,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload3Addr1ToAddr2[63:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
{
|
|
name: "Two fragments with different IDs",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 2
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 2}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
{
|
|
name: "Two fragments reassembled into a maximum UDP packet",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+65520,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload4Addr1ToAddr2[:65520],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload4Addr1ToAddr2)-65520,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8190, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 255, 240, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload4Addr1ToAddr2[65520:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload4Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with per-fragment routing header with zero segments left",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: routingExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 0.
|
|
buffer.View([]byte{fragmentExtHdrID, 0, 1, 0, 2, 3, 4, 5}),
|
|
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: routingExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 0.
|
|
buffer.View([]byte{fragmentExtHdrID, 0, 1, 0, 2, 3, 4, 5}),
|
|
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with per-fragment routing header with non-zero segments left",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: routingExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 1.
|
|
buffer.View([]byte{fragmentExtHdrID, 0, 1, 1, 2, 3, 4, 5}),
|
|
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: routingExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 1.
|
|
buffer.View([]byte{fragmentExtHdrID, 0, 1, 1, 2, 3, 4, 5}),
|
|
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 9, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 72, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
{
|
|
name: "Two fragments with routing header with zero segments left",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 0.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 1, 0, 2, 3, 4, 5}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 9, More = false, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 72, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two fragments with routing header with non-zero segments left",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
routingExtHdrLen+fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header.
|
|
//
|
|
// Segments left = 1.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 1, 1, 2, 3, 4, 5}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 9, More = false, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 72, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
{
|
|
name: "Two fragments with routing header with zero segments left across fragments",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
// The length of this payload is fragmentExtHdrLen+8 because the
|
|
// first 8 bytes of the 16 byte routing extension header is in
|
|
// this fragment.
|
|
fragmentExtHdrLen+8,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header (part 1)
|
|
//
|
|
// Segments left = 0.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 1, 1, 0, 2, 3, 4, 5}),
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
// The length of this payload is
|
|
// fragmentExtHdrLen+8+len(ipv6Payload1Addr1ToAddr2) because the last 8 bytes of
|
|
// the 16 byte routing extension header is in this fagment.
|
|
fragmentExtHdrLen+8+len(ipv6Payload1Addr1ToAddr2),
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 1, More = false, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 8, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header (part 2)
|
|
buffer.View([]byte{6, 7, 8, 9, 10, 11, 12, 13}),
|
|
|
|
ipv6Payload1Addr1ToAddr2,
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
{
|
|
name: "Two fragments with routing header with non-zero segments left across fragments",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
// The length of this payload is fragmentExtHdrLen+8 because the
|
|
// first 8 bytes of the 16 byte routing extension header is in
|
|
// this fragment.
|
|
fragmentExtHdrLen+8,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header (part 1)
|
|
//
|
|
// Segments left = 1.
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 1, 1, 1, 2, 3, 4, 5}),
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
// The length of this payload is
|
|
// fragmentExtHdrLen+8+len(ipv6Payload1Addr1ToAddr2) because the last 8 bytes of
|
|
// the 16 byte routing extension header is in this fagment.
|
|
fragmentExtHdrLen+8+len(ipv6Payload1Addr1ToAddr2),
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 1, More = false, ID = 1
|
|
buffer.View([]byte{routingExtHdrID, 0, 0, 8, 0, 0, 0, 1}),
|
|
|
|
// Routing extension header (part 2)
|
|
buffer.View([]byte{6, 7, 8, 9, 10, 11, 12, 13}),
|
|
|
|
ipv6Payload1Addr1ToAddr2,
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: nil,
|
|
},
|
|
// As per RFC 6946, IPv6 atomic fragments MUST NOT interfere with "normal"
|
|
// fragmented traffic.
|
|
{
|
|
name: "Two fragments with atomic",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
// This fragment has the same ID as the other fragments but is an atomic
|
|
// fragment. It should not interfere with the other fragments.
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload2Addr1ToAddr2),
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 0, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload2Addr1ToAddr2,
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload2Addr1ToAddr2, udpPayload1Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two interleaved fragmented packets",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+32,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 2
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 2}),
|
|
|
|
ipv6Payload2Addr1ToAddr2[:32],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload2Addr1ToAddr2)-32,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 4, More = false, ID = 2
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 32, 0, 0, 0, 2}),
|
|
|
|
ipv6Payload2Addr1ToAddr2[32:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2, udpPayload2Addr1ToAddr2},
|
|
},
|
|
{
|
|
name: "Two interleaved fragmented packets from different sources but with same ID",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[:64],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr3,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+32,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 0, More = true, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 1, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr3ToAddr2[:32],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-64,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 8, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 64, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr1ToAddr2[64:],
|
|
},
|
|
),
|
|
},
|
|
{
|
|
srcAddr: addr3,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+len(ipv6Payload1Addr1ToAddr2)-32,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
//
|
|
// Fragment offset = 4, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0, 0, 32, 0, 0, 0, 1}),
|
|
|
|
ipv6Payload1Addr3ToAddr2[32:],
|
|
},
|
|
),
|
|
},
|
|
},
|
|
expectedPayloads: [][]byte{udpPayload1Addr1ToAddr2, udpPayload1Addr3ToAddr2},
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
TransportProtocols: []stack.TransportProtocolFactory{udp.NewProtocol},
|
|
})
|
|
e := channel.New(0, 1280, linkAddr1)
|
|
if err := s.CreateNIC(nicID, e); err != nil {
|
|
t.Fatalf("CreateNIC(%d, _) = %s", nicID, err)
|
|
}
|
|
if err := s.AddAddress(nicID, ProtocolNumber, addr2); err != nil {
|
|
t.Fatalf("AddAddress(%d, %d, %s) = %s", nicID, ProtocolNumber, addr2, err)
|
|
}
|
|
|
|
wq := waiter.Queue{}
|
|
we, ch := waiter.NewChannelEntry(nil)
|
|
wq.EventRegister(&we, waiter.EventIn)
|
|
defer wq.EventUnregister(&we)
|
|
defer close(ch)
|
|
ep, err := s.NewEndpoint(udp.ProtocolNumber, ProtocolNumber, &wq)
|
|
if err != nil {
|
|
t.Fatalf("NewEndpoint(%d, %d, _): %s", udp.ProtocolNumber, ProtocolNumber, err)
|
|
}
|
|
defer ep.Close()
|
|
|
|
bindAddr := tcpip.FullAddress{Addr: addr2, Port: 80}
|
|
if err := ep.Bind(bindAddr); err != nil {
|
|
t.Fatalf("Bind(%+v): %s", bindAddr, err)
|
|
}
|
|
|
|
for _, f := range test.fragments {
|
|
hdr := buffer.NewPrependable(header.IPv6MinimumSize)
|
|
|
|
// Serialize IPv6 fixed header.
|
|
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
|
|
ip.Encode(&header.IPv6Fields{
|
|
PayloadLength: uint16(f.data.Size()),
|
|
NextHeader: f.nextHdr,
|
|
HopLimit: 255,
|
|
SrcAddr: f.srcAddr,
|
|
DstAddr: f.dstAddr,
|
|
})
|
|
|
|
vv := hdr.View().ToVectorisedView()
|
|
vv.Append(f.data)
|
|
|
|
e.InjectInbound(ProtocolNumber, stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
Data: vv,
|
|
}))
|
|
}
|
|
|
|
if got, want := s.Stats().UDP.PacketsReceived.Value(), uint64(len(test.expectedPayloads)); got != want {
|
|
t.Errorf("got UDP Rx Packets = %d, want = %d", got, want)
|
|
}
|
|
|
|
for i, p := range test.expectedPayloads {
|
|
gotPayload, _, err := ep.Read(nil)
|
|
if err != nil {
|
|
t.Fatalf("(i=%d) Read(nil): %s", i, err)
|
|
}
|
|
if diff := cmp.Diff(buffer.View(p), gotPayload); diff != "" {
|
|
t.Errorf("(i=%d) got UDP payload mismatch (-want +got):\n%s", i, diff)
|
|
}
|
|
}
|
|
|
|
if gotPayload, _, err := ep.Read(nil); err != tcpip.ErrWouldBlock {
|
|
t.Fatalf("(last) got Read(nil) = (%x, _, %v), want = (_, _, %s)", gotPayload, err, tcpip.ErrWouldBlock)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestInvalidIPv6Fragments(t *testing.T) {
|
|
const (
|
|
nicID = 1
|
|
fragmentExtHdrLen = 8
|
|
)
|
|
|
|
payloadGen := func(payloadLen int) []byte {
|
|
payload := make([]byte, payloadLen)
|
|
for i := 0; i < len(payload); i++ {
|
|
payload[i] = 0x30
|
|
}
|
|
return payload
|
|
}
|
|
|
|
tests := []struct {
|
|
name string
|
|
fragments []fragmentData
|
|
wantMalformedIPPackets uint64
|
|
wantMalformedFragments uint64
|
|
}{
|
|
{
|
|
name: "fragments reassembled into a payload exceeding the max IPv6 payload size",
|
|
fragments: []fragmentData{
|
|
{
|
|
srcAddr: addr1,
|
|
dstAddr: addr2,
|
|
nextHdr: fragmentExtHdrID,
|
|
data: buffer.NewVectorisedView(
|
|
fragmentExtHdrLen+(header.IPv6MaximumPayloadSize+1)-16,
|
|
[]buffer.View{
|
|
// Fragment extension header.
|
|
// Fragment offset = 8190, More = false, ID = 1
|
|
buffer.View([]byte{uint8(header.UDPProtocolNumber), 0,
|
|
((header.IPv6MaximumPayloadSize + 1) - 16) >> 8,
|
|
((header.IPv6MaximumPayloadSize + 1) - 16) & math.MaxUint8,
|
|
0, 0, 0, 1}),
|
|
// Payload length = 16
|
|
payloadGen(16),
|
|
},
|
|
),
|
|
},
|
|
},
|
|
wantMalformedIPPackets: 1,
|
|
wantMalformedFragments: 1,
|
|
},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{
|
|
NewProtocol,
|
|
},
|
|
})
|
|
e := channel.New(0, 1500, linkAddr1)
|
|
if err := s.CreateNIC(nicID, e); err != nil {
|
|
t.Fatalf("CreateNIC(%d, _) = %s", nicID, err)
|
|
}
|
|
if err := s.AddAddress(nicID, ProtocolNumber, addr2); err != nil {
|
|
t.Fatalf("AddAddress(%d, %d, %s) = %s", nicID, ProtocolNumber, addr2, err)
|
|
}
|
|
|
|
for _, f := range test.fragments {
|
|
hdr := buffer.NewPrependable(header.IPv6MinimumSize)
|
|
|
|
// Serialize IPv6 fixed header.
|
|
ip := header.IPv6(hdr.Prepend(header.IPv6MinimumSize))
|
|
ip.Encode(&header.IPv6Fields{
|
|
PayloadLength: uint16(f.data.Size()),
|
|
NextHeader: f.nextHdr,
|
|
HopLimit: 255,
|
|
SrcAddr: f.srcAddr,
|
|
DstAddr: f.dstAddr,
|
|
})
|
|
|
|
vv := hdr.View().ToVectorisedView()
|
|
vv.Append(f.data)
|
|
|
|
e.InjectInbound(ProtocolNumber, stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
Data: vv,
|
|
}))
|
|
}
|
|
|
|
if got, want := s.Stats().IP.MalformedPacketsReceived.Value(), test.wantMalformedIPPackets; got != want {
|
|
t.Errorf("got Stats.IP.MalformedPacketsReceived = %d, want = %d", got, want)
|
|
}
|
|
if got, want := s.Stats().IP.MalformedFragmentsReceived.Value(), test.wantMalformedFragments; got != want {
|
|
t.Errorf("got Stats.IP.MalformedFragmentsReceived = %d, want = %d", got, want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestWriteStats(t *testing.T) {
|
|
const nPackets = 3
|
|
tests := []struct {
|
|
name string
|
|
setup func(*testing.T, *stack.Stack)
|
|
allowPackets int
|
|
expectSent int
|
|
expectDropped int
|
|
expectWritten int
|
|
}{
|
|
{
|
|
name: "Accept all",
|
|
// No setup needed, tables accept everything by default.
|
|
setup: func(*testing.T, *stack.Stack) {},
|
|
allowPackets: math.MaxInt32,
|
|
expectSent: nPackets,
|
|
expectDropped: 0,
|
|
expectWritten: nPackets,
|
|
}, {
|
|
name: "Accept all with error",
|
|
// No setup needed, tables accept everything by default.
|
|
setup: func(*testing.T, *stack.Stack) {},
|
|
allowPackets: nPackets - 1,
|
|
expectSent: nPackets - 1,
|
|
expectDropped: 0,
|
|
expectWritten: nPackets - 1,
|
|
}, {
|
|
name: "Drop all",
|
|
setup: func(t *testing.T, stk *stack.Stack) {
|
|
// Install Output DROP rule.
|
|
t.Helper()
|
|
ipt := stk.IPTables()
|
|
filter, ok := ipt.GetTable(stack.FilterTable, true /* ipv6 */)
|
|
if !ok {
|
|
t.Fatalf("failed to find filter table")
|
|
}
|
|
ruleIdx := filter.BuiltinChains[stack.Output]
|
|
filter.Rules[ruleIdx].Target = &stack.DropTarget{}
|
|
if err := ipt.ReplaceTable(stack.FilterTable, filter, true /* ipv6 */); err != nil {
|
|
t.Fatalf("failed to replace table: %v", err)
|
|
}
|
|
},
|
|
allowPackets: math.MaxInt32,
|
|
expectSent: 0,
|
|
expectDropped: nPackets,
|
|
expectWritten: nPackets,
|
|
}, {
|
|
name: "Drop some",
|
|
setup: func(t *testing.T, stk *stack.Stack) {
|
|
// Install Output DROP rule that matches only 1
|
|
// of the 3 packets.
|
|
t.Helper()
|
|
ipt := stk.IPTables()
|
|
filter, ok := ipt.GetTable(stack.FilterTable, true /* ipv6 */)
|
|
if !ok {
|
|
t.Fatalf("failed to find filter table")
|
|
}
|
|
// We'll match and DROP the last packet.
|
|
ruleIdx := filter.BuiltinChains[stack.Output]
|
|
filter.Rules[ruleIdx].Target = &stack.DropTarget{}
|
|
filter.Rules[ruleIdx].Matchers = []stack.Matcher{&limitedMatcher{nPackets - 1}}
|
|
// Make sure the next rule is ACCEPT.
|
|
filter.Rules[ruleIdx+1].Target = &stack.AcceptTarget{}
|
|
if err := ipt.ReplaceTable(stack.FilterTable, filter, true /* ipv6 */); err != nil {
|
|
t.Fatalf("failed to replace table: %v", err)
|
|
}
|
|
},
|
|
allowPackets: math.MaxInt32,
|
|
expectSent: nPackets - 1,
|
|
expectDropped: 1,
|
|
expectWritten: nPackets,
|
|
},
|
|
}
|
|
|
|
writers := []struct {
|
|
name string
|
|
writePackets func(*stack.Route, stack.PacketBufferList) (int, *tcpip.Error)
|
|
}{
|
|
{
|
|
name: "WritePacket",
|
|
writePackets: func(rt *stack.Route, pkts stack.PacketBufferList) (int, *tcpip.Error) {
|
|
nWritten := 0
|
|
for pkt := pkts.Front(); pkt != nil; pkt = pkt.Next() {
|
|
if err := rt.WritePacket(nil, stack.NetworkHeaderParams{}, pkt); err != nil {
|
|
return nWritten, err
|
|
}
|
|
nWritten++
|
|
}
|
|
return nWritten, nil
|
|
},
|
|
}, {
|
|
name: "WritePackets",
|
|
writePackets: func(rt *stack.Route, pkts stack.PacketBufferList) (int, *tcpip.Error) {
|
|
return rt.WritePackets(nil, pkts, stack.NetworkHeaderParams{})
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, writer := range writers {
|
|
t.Run(writer.name, func(t *testing.T) {
|
|
for _, test := range tests {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
ep := testutil.NewMockLinkEndpoint(header.IPv6MinimumMTU, tcpip.ErrInvalidEndpointState, test.allowPackets)
|
|
rt := buildRoute(t, ep)
|
|
|
|
var pkts stack.PacketBufferList
|
|
for i := 0; i < nPackets; i++ {
|
|
pkt := stack.NewPacketBuffer(stack.PacketBufferOptions{
|
|
ReserveHeaderBytes: header.UDPMinimumSize + int(rt.MaxHeaderLength()),
|
|
Data: buffer.NewView(0).ToVectorisedView(),
|
|
})
|
|
pkt.TransportHeader().Push(header.UDPMinimumSize)
|
|
pkts.PushBack(pkt)
|
|
}
|
|
|
|
test.setup(t, rt.Stack())
|
|
|
|
nWritten, _ := writer.writePackets(&rt, pkts)
|
|
|
|
if got := int(rt.Stats().IP.PacketsSent.Value()); got != test.expectSent {
|
|
t.Errorf("sent %d packets, but expected to send %d", got, test.expectSent)
|
|
}
|
|
if got := int(rt.Stats().IP.IPTablesOutputDropped.Value()); got != test.expectDropped {
|
|
t.Errorf("dropped %d packets, but expected to drop %d", got, test.expectDropped)
|
|
}
|
|
if nWritten != test.expectWritten {
|
|
t.Errorf("wrote %d packets, but expected WritePackets to return %d", nWritten, test.expectWritten)
|
|
}
|
|
})
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func buildRoute(t *testing.T, ep stack.LinkEndpoint) stack.Route {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
})
|
|
if err := s.CreateNIC(1, ep); err != nil {
|
|
t.Fatalf("CreateNIC(1, _) failed: %s", err)
|
|
}
|
|
const (
|
|
src = "\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01"
|
|
dst = "\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02"
|
|
)
|
|
if err := s.AddAddress(1, ProtocolNumber, src); err != nil {
|
|
t.Fatalf("AddAddress(1, %d, _) failed: %s", ProtocolNumber, err)
|
|
}
|
|
{
|
|
subnet, err := tcpip.NewSubnet(dst, tcpip.AddressMask("\xfc\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"))
|
|
if err != nil {
|
|
t.Fatalf("NewSubnet(_, _) failed: %v", err)
|
|
}
|
|
s.SetRouteTable([]tcpip.Route{{
|
|
Destination: subnet,
|
|
NIC: 1,
|
|
}})
|
|
}
|
|
rt, err := s.FindRoute(1, src, dst, ProtocolNumber, false /* multicastLoop */)
|
|
if err != nil {
|
|
t.Fatalf("got FindRoute(1, _, _, %d, false) = %s, want = nil", ProtocolNumber, err)
|
|
}
|
|
return rt
|
|
}
|
|
|
|
// limitedMatcher is an iptables matcher that matches after a certain number of
|
|
// packets are checked against it.
|
|
type limitedMatcher struct {
|
|
limit int
|
|
}
|
|
|
|
// Name implements Matcher.Name.
|
|
func (*limitedMatcher) Name() string {
|
|
return "limitedMatcher"
|
|
}
|
|
|
|
// Match implements Matcher.Match.
|
|
func (lm *limitedMatcher) Match(stack.Hook, *stack.PacketBuffer, string) (bool, bool) {
|
|
if lm.limit == 0 {
|
|
return true, false
|
|
}
|
|
lm.limit--
|
|
return false, false
|
|
}
|
|
|
|
func TestClearEndpointFromProtocolOnClose(t *testing.T) {
|
|
s := stack.New(stack.Options{
|
|
NetworkProtocols: []stack.NetworkProtocolFactory{NewProtocol},
|
|
})
|
|
proto := s.NetworkProtocolInstance(ProtocolNumber).(*protocol)
|
|
ep := proto.NewEndpoint(&testInterface{}, nil, nil, nil).(*endpoint)
|
|
{
|
|
proto.mu.Lock()
|
|
_, hasEP := proto.mu.eps[ep]
|
|
proto.mu.Unlock()
|
|
if !hasEP {
|
|
t.Fatalf("expected protocol to have ep = %p in set of endpoints", ep)
|
|
}
|
|
}
|
|
|
|
ep.Close()
|
|
|
|
{
|
|
proto.mu.Lock()
|
|
_, hasEP := proto.mu.eps[ep]
|
|
proto.mu.Unlock()
|
|
if hasEP {
|
|
t.Fatalf("unexpectedly found ep = %p in set of protocol's endpoints", ep)
|
|
}
|
|
}
|
|
}
|