1 /* Tests for BPF devices (LWIP) - by D.C. van Moolenbroek */
2 /* This test needs to be run as root: opening BPF devices is root-only. */
3 /*
4 * We do not attempt to test the BPF filter code here. Such a test is better
5 * done through standardized tests and with direct use of the filter code.
6 * The current BPF filter implementation has been run through the FreeBSD
7 * BPF filter regression tests (from their tools/regression/bpf/bpf_filter), of
8 * which only the last test (0084 - "Check very long BPF program") failed due
9 * to our lower and strictly enforced BPF_MAXINSNS value. Future modifications
10 * of the BPF filter code should be tested against at least that test set.
11 */
12 #include <stdlib.h>
13 #include <string.h>
14 #include <signal.h>
15 #include <sys/ioctl.h>
16 #include <sys/socket.h>
17 #include <sys/sysctl.h>
18 #include <sys/wait.h>
19 #include <net/bpf.h>
20 #include <net/bpfdesc.h>
21 #include <net/if.h>
22 #include <net/if_types.h>
23 #include <net/if_ether.h>
24 #include <net/if_dl.h>
25 #include <netinet/in.h>
26 #include <netinet/ip.h>
27 #include <netinet/ip6.h>
28 #include <netinet/udp.h>
29 #include <ifaddrs.h>
30 #include <unistd.h>
31 #include <fcntl.h>
32 #include <limits.h>
33 #include <paths.h>
34 #include <pwd.h>
35
36 #include "common.h"
37
/* Number of times the whole test sequence is repeated by the runner. */
#define ITERATIONS 2

/* We capture traffic on the loopback interface only. */
#define LOOPBACK_IFNAME "lo0"

/* UDP source/destination ports used for the generated test packets. */
#define TEST_PORT_A 12345
#define TEST_PORT_B 12346

#define SLEEP_TIME 250000 /* (us) - increases may require code changes */

#define NONROOT_USER "bin" /* name of any unprivileged user */

#ifdef NO_INET6
const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
#endif /* NO_INET6 */

/* Number of SIGUSR1 signals received; see test94_signal(). */
static unsigned int got_signal;
54
55 /*
56 * Signal handler.
57 */
58 static void
test94_signal(int sig)59 test94_signal(int sig)
60 {
61
62 if (sig != SIGUSR1) e(0);
63
64 got_signal++;
65 }
66
67 /*
68 * Send UDP packets on the given socket 'fd' so as to fill up a BPF store
69 * buffer of size 'size' exactly. The provided buffer 'buf' may be used for
70 * packet generation and is at least of 'size' bytes. Return the number of
71 * packets sent.
72 */
73 static uint32_t
test94_fill_exact(int fd,uint8_t * buf,size_t size,uint32_t seq)74 test94_fill_exact(int fd, uint8_t * buf, size_t size, uint32_t seq)
75 {
76 size_t hdrlen, len;
77
78 hdrlen = BPF_WORDALIGN(sizeof(struct bpf_hdr)) + sizeof(struct ip) +
79 sizeof(struct udphdr) + sizeof(seq);
80
81 for (len = 16; len <= hdrlen; len <<= 1);
82 if (len > size) e(0);
83
84 hdrlen = BPF_WORDALIGN(hdrlen - sizeof(seq));
85
86 for (; size > 0; seq++) {
87 memset(buf, 'Y', len - hdrlen);
88 if (len - hdrlen > sizeof(seq))
89 buf[sizeof(seq)] = 'X';
90 buf[len - hdrlen - 1] = 'Z';
91 memcpy(buf, &seq, sizeof(seq));
92
93 if (write(fd, buf, len - hdrlen) != len - hdrlen) e(0);
94
95 size -= len;
96 }
97
98 return seq;
99 }
100
101 /*
102 * Send UDP packets on the given socket 'fd' so as to fill up at least a BPF
103 * store buffer of size 'size', with at least one more packet being sent. The
104 * provided buffer 'buf' may be used for packet generation and is at least of
105 * 'size' bytes.
106 */
107 static void
test94_fill_random(int fd,uint8_t * buf,size_t size)108 test94_fill_random(int fd, uint8_t * buf, size_t size)
109 {
110 size_t hdrlen, len;
111 ssize_t left;
112 uint32_t seq;
113
114 hdrlen = BPF_WORDALIGN(BPF_WORDALIGN(sizeof(struct bpf_hdr)) +
115 sizeof(struct ip) + sizeof(struct udphdr));
116
117 /* Even if we fill the buffer exactly, we send one more packet. */
118 for (left = (ssize_t)size, seq = 1; left >= 0; seq++) {
119 len = hdrlen + sizeof(seq) + lrand48() % (size / 10);
120
121 memset(buf, 'Y', len - hdrlen);
122 if (len - hdrlen > sizeof(seq))
123 buf[sizeof(seq)] = 'X';
124 buf[len - hdrlen - 1] = 'Z';
125 memcpy(buf, &seq, sizeof(seq));
126
127 if (write(fd, buf, len - hdrlen) != len - hdrlen) e(0);
128
129 left -= BPF_WORDALIGN(len);
130 }
131 }
132
/*
 * Send a UDP packet with a specific payload size of 'size' bytes (not
 * counting the prepended sequence number) and sequence number 'seq' on socket
 * 'fd', using 'buf' as scratch buffer.
 */
static void
test94_add_specific(int fd, uint8_t * buf, size_t size, uint32_t seq)
{
	size_t total;

	/* The sequence number is prepended to the requested payload. */
	total = size + sizeof(seq);

	memset(buf, 'Y', total);
	if (total > sizeof(seq))
		buf[sizeof(seq)] = 'X';
	buf[total - 1] = 'Z';
	memcpy(buf, &seq, sizeof(seq));

	if (write(fd, buf, total) != total) e(0);
}
151
/*
 * Send a randomly sized, relatively small UDP packet on the given socket
 * 'fd', using sequence number 'seq'.  The buffer 'buf' may be used as scratch
 * buffer which is at most 'size' bytes--the same size as the total BPF
 * buffer.
 */
static void
test94_add_random(int fd, uint8_t * buf, size_t size, uint32_t seq)
{
	size_t len;

	/* Keep the packet well below a tenth of the total buffer size. */
	len = lrand48() % (size / 10);

	test94_add_specific(fd, buf, len, seq);
}
163
164 /*
165 * Check whether the packet in 'buf' of 'caplen' captured bytes out of
166 * 'datalen' data bytes is one we sent. If so, return an offset to the packet
167 * data. If not, return a negative value.
168 */
169 static ssize_t
test94_check_pkt(uint8_t * buf,ssize_t caplen,ssize_t datalen)170 test94_check_pkt(uint8_t * buf, ssize_t caplen, ssize_t datalen)
171 {
172 struct ip ip;
173 struct udphdr uh;
174
175 if (caplen < sizeof(ip))
176 return -1;
177
178 memcpy(&ip, buf, sizeof(ip));
179
180 if (ip.ip_v != IPVERSION)
181 return -1;
182 if (ip.ip_hl != sizeof(ip) >> 2)
183 return -1;
184 if (ip.ip_p != IPPROTO_UDP)
185 return -1;
186
187 if (caplen - sizeof(ip) < sizeof(uh))
188 return -1;
189
190 memcpy(&uh, buf + sizeof(ip), sizeof(uh));
191
192 if (uh.uh_sport != htons(TEST_PORT_A))
193 return -1;
194 if (uh.uh_dport != htons(TEST_PORT_B))
195 return -1;
196
197 if (datalen - sizeof(ip) != ntohs(uh.uh_ulen)) e(0);
198
199 return sizeof(ip) + sizeof(uh);
200 }
201
/*
 * Check whether the capture in 'buf' of 'len' bytes looks like a valid set of
 * captured packets.  The valid packets start from sequence number 'seq'; the
 * next expected sequence number is returned.  If 'filtered' is set, there
 * should be no other packets in the capture; otherwise, other packets are
 * ignored.  If 'caplen' and 'datalen' are not NULL, they point to arrays
 * holding the expected capture and data lengths of each consecutive packet.
 */
static uint32_t
test94_check(uint8_t * buf, ssize_t len, uint32_t seq, int filtered,
	uint32_t * caplen, uint32_t * datalen)
{
	struct bpf_hdr bh;
	ssize_t off;
	uint32_t nseq;

	while (len > 0) {
		/*
		 * We rely on the assumption that the last packet in the buffer
		 * is padded to alignment as well; if not, this check fails.
		 */
		if (len < BPF_WORDALIGN(sizeof(bh))) e(0);

		memcpy(&bh, buf, sizeof(bh));

		/*
		 * The timestamp fields should be filled in.  The tests that
		 * use this function do not set a capture length below the
		 * packet length.  The header must be exactly as large as we
		 * expect: no small-size tricks (as NetBSD uses) and no
		 * unexpected extra padding.
		 */
		if (bh.bh_tstamp.tv_sec == 0 && bh.bh_tstamp.tv_usec == 0)
			e(0);
		if (caplen != NULL) {
			/* Match against the caller-provided expectations. */
			if (bh.bh_caplen != *caplen) e(0);
			if (bh.bh_datalen != *datalen) e(0);

			caplen++;
			datalen++;
		} else
			if (bh.bh_datalen != bh.bh_caplen) e(0);
		if (bh.bh_hdrlen != BPF_WORDALIGN(sizeof(bh))) e(0);

		/* The captured packet must fit in the remaining buffer. */
		if (bh.bh_hdrlen + BPF_WORDALIGN(bh.bh_caplen) > len) e(0);

		buf += bh.bh_hdrlen;
		len -= bh.bh_hdrlen;

		if ((off = test94_check_pkt(buf, bh.bh_caplen,
		    bh.bh_datalen)) < 0) {
			/* Not one of ours; allowed only when unfiltered. */
			if (filtered) e(0);

			buf += BPF_WORDALIGN(bh.bh_caplen);
			len -= BPF_WORDALIGN(bh.bh_caplen);

			continue;
		}

		/* The sequence number directly follows the packet headers. */
		if (bh.bh_caplen < off + sizeof(seq)) e(0);

		memcpy(&nseq, &buf[off], sizeof(nseq));

		if (nseq != seq++) e(0);

		off += sizeof(seq);
		if (off < bh.bh_caplen) {
			/* If there is just one byte, it is 'Z'. */
			if (off < bh.bh_caplen && off < bh.bh_datalen - 1) {
				/* Verify the 'X' marker and the 'Y' run. */
				if (buf[off] != 'X') e(0);

				for (off++; off < bh.bh_caplen &&
				    off < bh.bh_datalen - 1; off++)
					if (buf[off] != 'Y') e(0);
			}
			/* The last data byte, if captured, must be 'Z'. */
			if (off < bh.bh_caplen && off == bh.bh_datalen - 1 &&
			    buf[off] != 'Z') e(0);
		}

		buf += BPF_WORDALIGN(bh.bh_caplen);
		len -= BPF_WORDALIGN(bh.bh_caplen);
	}

	return seq;
}
286
/*
 * Filter program to ensure that the given (datalink-headerless) packet is an
 * IPv4 UDP packet from port 12345 to port 12346.  Important: the 'k' value of
 * the last instruction must be the accepted packet size, and is modified by
 * some of the tests further down!
 */
static struct bpf_insn test94_filter[] = {
	{ BPF_LD+BPF_B+BPF_ABS, 0, 0, 0 },	/* is this an IPv4 header? */
	{ BPF_ALU+BPF_RSH+BPF_K, 0, 0, 4 },	/* ..extract the version.. */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 7, 4 },	/* ..and compare it to 4 */
	{ BPF_LD+BPF_B+BPF_ABS, 0, 0, 9 },	/* is this a UDP packet? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 5, IPPROTO_UDP },
	{ BPF_LDX+BPF_B+BPF_MSH, 0, 0, 0 },	/* X = IP header length */
	{ BPF_LD+BPF_H+BPF_IND, 0, 0, 0 },	/* source port 12345? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 2, TEST_PORT_A },
	{ BPF_LD+BPF_H+BPF_IND, 0, 0, 2 },	/* destination port 12346? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 1, 0, TEST_PORT_B },
	{ BPF_RET+BPF_K, 0, 0, 0 },		/* reject the packet */
	{ BPF_RET+BPF_K, 0, 0, (uint32_t)-1 },	/* accept the (whole) packet */
};
307
/*
 * Set up a BPF device, a pair of sockets of which traffic will be captured on
 * the BPF device, a buffer for capturing packets, and optionally a filter.
 * If the given size is non-zero, use that as buffer size.  Return the BPF
 * device's actual buffer size, which is also the size of 'buf'.
 */
static size_t
test94_setup(int * fd, int * fd2, int * fd3, uint8_t ** buf, unsigned int size,
	int set_filter)
{
	struct sockaddr_in sinA, sinB;
	struct ifreq ifr;
	struct bpf_program bf;
	unsigned int dlt;

	if ((*fd = open(_PATH_BPF, O_RDWR)) < 0) e(0);

	/* Set the requested buffer size, then obtain the effective size. */
	if (size != 0 && ioctl(*fd, BIOCSBLEN, &size) != 0) e(0);

	if (ioctl(*fd, BIOCGBLEN, &size) != 0) e(0);
	if (size < 1024 || size > BPF_MAXBUFSIZE) e(0);

	if ((*buf = malloc(size)) == NULL) e(0);

	if (set_filter) {
		/*
		 * Install a filter to improve predictability for the tests.
		 */
		memset(&bf, 0, sizeof(bf));
		bf.bf_len = __arraycount(test94_filter);
		bf.bf_insns = test94_filter;
		if (ioctl(*fd, BIOCSETF, &bf) != 0) e(0);
	}

	/* Bind to the loopback device. */
	memset(&ifr, 0, sizeof(ifr));
	strlcpy(ifr.ifr_name, LOOPBACK_IFNAME, sizeof(ifr.ifr_name));
	if (ioctl(*fd, BIOCSETIF, &ifr) != 0) e(0);

	/*
	 * If the loopback device's data link type is not DLT_RAW, our filter
	 * and size calculations will not work.
	 */
	if (ioctl(*fd, BIOCGDLT, &dlt) != 0) e(0);
	if (dlt != DLT_RAW) e(0);

	/* We use UDP traffic for our test packets. */
	if ((*fd2 = socket(AF_INET, SOCK_DGRAM, 0)) < 0) e(0);

	/* The first socket is bound to port A and connected to port B.. */
	memset(&sinA, 0, sizeof(sinA));
	sinA.sin_family = AF_INET;
	sinA.sin_port = htons(TEST_PORT_A);
	sinA.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
	if (bind(*fd2, (struct sockaddr *)&sinA, sizeof(sinA)) != 0) e(0);

	memcpy(&sinB, &sinA, sizeof(sinB));
	sinB.sin_port = htons(TEST_PORT_B);
	if (connect(*fd2, (struct sockaddr *)&sinB, sizeof(sinB)) != 0) e(0);

	/* ..and the second socket the other way around. */
	if ((*fd3 = socket(AF_INET, SOCK_DGRAM, 0)) < 0) e(0);

	if (bind(*fd3, (struct sockaddr *)&sinB, sizeof(sinB)) != 0) e(0);

	if (connect(*fd3, (struct sockaddr *)&sinA, sizeof(sinA)) != 0) e(0);

	return size;
}
375
/*
 * Clean up resources allocated by test94_setup(): first the two UDP sockets,
 * then the capture buffer, and finally the BPF device itself.
 */
static void
test94_cleanup(int fd, int fd2, int fd3, uint8_t * buf)
{

	if (close(fd3) == -1) e(0);
	if (close(fd2) == -1) e(0);

	free(buf);

	if (close(fd) == -1) e(0);
}
391
/*
 * Test reading packets from a BPF device, using regular mode.
 */
static void
test94a(void)
{
	struct bpf_program bf;
	struct timeval tv;
	fd_set fds;
	uint8_t *buf;
	pid_t pid;
	size_t size;
	ssize_t len;
	uint32_t seq;
	int fd, fd2, fd3, status, bytes, fl;

	subtest = 1;

	size = test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
	    0 /*set_filter*/);

	/*
	 * Test that a filled-up store buffer will be returned to a pending
	 * read call.  Perform this first test without a filter, to ensure that
	 * the default behavior is to accept all packets.  The side effect is
	 * that we may receive other loopback traffic as part of our capture.
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		/* Give the parent some time to block on the read first. */
		usleep(SLEEP_TIME);

		test94_fill_random(fd2, buf, size);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	len = read(fd, buf, size);

	/* Expect a mostly filled buffer, and certainly no overrun. */
	if (len < size * 3/4) e(0);
	if (len > size) e(0);
	test94_check(buf, len, 1 /*seq*/, 0 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/* Only the exact buffer size may be used in read calls. */
	if (read(fd, buf, size - 1) != -1) e(0);
	if (errno != EINVAL) e(0);
	if (read(fd, buf, size + 1) != -1) e(0);
	if (errno != EINVAL) e(0);
	if (read(fd, buf, sizeof(struct bpf_hdr)) != -1) e(0);
	if (errno != EINVAL) e(0);

	/*
	 * Install a filter to improve predictability for the remaining tests.
	 */
	memset(&bf, 0, sizeof(bf));
	bf.bf_len = __arraycount(test94_filter);
	bf.bf_insns = test94_filter;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	/*
	 * Next we want to test that an already filled-up buffer will be
	 * returned to a read call immediately.  We take the opportunity to
	 * test that filling the buffer will also wake up a blocked select
	 * call.  In addition, we test ioctl(FIONREAD).
	 */
	tv.tv_sec = 0;
	tv.tv_usec = 0;
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 0) e(0);
	if (FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != 0) e(0);

	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_fill_random(fd2, buf, size);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);

	/* A repeated select call must also report readiness immediately. */
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	len = read(fd, buf, size);

	if (len < size * 3/4) e(0);
	if (len > size) e(0);
	seq = test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/,
	    NULL /*caplen*/, NULL /*datalen*/);

	/* FIONREAD must have reported exactly the hold buffer contents. */
	if (len != bytes) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/* There is one more packet in the store buffer at this point. */
	tv.tv_sec = 0;
	tv.tv_usec = 0;
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 0) e(0);
	if (FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != 0) e(0);

	/*
	 * Next, we test whether read timeouts work, first checking that a
	 * timed-out read call returns any packets currently in the buffer.
	 * We use sleep and a signal as a crude way to test that the call was
	 * actually blocked until the timeout occurred.
	 */
	got_signal = 0;

	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		signal(SIGUSR1, test94_signal);

		usleep(SLEEP_TIME);

		test94_add_random(fd2, buf, size, seq + 1);

		usleep(SLEEP_TIME);

		/* The parent must not signal us before its read times out. */
		if (got_signal != 0) e(0);
		pause();
		if (got_signal != 1) e(0);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	tv.tv_sec = 0;
	tv.tv_usec = SLEEP_TIME * 3;
	if (ioctl(fd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* two packets < 3/4 of the size */
	if (test94_check(buf, len, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 2) e(0);

	if (kill(pid, SIGUSR1) != 0) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * Next, see if a timed-out read with all buffers empty yields EAGAIN.
	 */
	tv.tv_sec = 0;
	tv.tv_usec = SLEEP_TIME;
	if (ioctl(fd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	if (read(fd, buf, size) != -1) e(0);
	if (errno != EAGAIN) e(0);

	/*
	 * Verify that resetting the timeout to zero makes the call block
	 * forever (for short test values of "forever" anyway), because
	 * otherwise this may create a false illusion of correctness in the
	 * next test, for non-blocking calls.  As a side effect, this tests
	 * read call signal interruption, and ensures no partial results are
	 * returned in that case.
	 */
	tv.tv_sec = 0;
	tv.tv_usec = 0;
	if (ioctl(fd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		signal(SIGUSR1, test94_signal);

		/* This read must block until interrupted by the parent. */
		if (read(fd, buf, size) != -1) e(0);
		if (errno != EINTR) e(0);

		if (got_signal != 1) e(0);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	usleep(SLEEP_TIME * 2);

	if (kill(pid, SIGUSR1) != 0) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * Repeat the same test with a non-full, non-empty buffer, to ensure
	 * that interrupted reads do not return partial results.
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		signal(SIGUSR1, test94_signal);

		if (read(fd, buf, size) != -1) e(0);
		if (errno != EINTR) e(0);

		if (got_signal != 1) e(0);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	usleep(SLEEP_TIME);

	test94_add_random(fd2, buf, size, 2);

	usleep(SLEEP_TIME);

	if (kill(pid, SIGUSR1) != 0) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * Test non-blocking reads with empty, full, and non-empty buffers.
	 * Against common sense, the last case should return whatever is in
	 * the buffer rather than EAGAIN, like immediate-mode reads would.
	 */
	if ((fl = fcntl(fd, F_GETFL)) == -1) e(0);
	if (fcntl(fd, F_SETFL, fl | O_NONBLOCK) != 0) e(0);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	seq = test94_check(buf, len, 2 /*seq*/, 1 /*filtered*/,
	    NULL /*caplen*/, NULL /*datalen*/);

	if (read(fd, buf, size) != -1) e(0);
	if (errno != EAGAIN) e(0);

	test94_fill_random(fd2, buf, size);

	len = read(fd, buf, size);
	if (len < size * 3/4) e(0);
	if (len > size) e(0);
	seq = test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/,
	    NULL /*caplen*/, NULL /*datalen*/);

	len = read(fd, buf, size);

	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 1) e(0);

	if (fcntl(fd, F_SETFL, fl) != 0) e(0);

	/*
	 * Test two remaining aspects of select(2): single-packet arrivals do
	 * not cause a wake-up, and the read timer has no effect.  The latter
	 * is a deliberate implementation choice where we diverge from NetBSD,
	 * because it requires keeping state in a way that violates the
	 * principle of system call independence.
	 */
	tv.tv_sec = 0;
	tv.tv_usec = SLEEP_TIME * 2;
	if (ioctl(fd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_add_random(fd2, buf, size, 1);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	/* Expect the select call to time out despite the packet arrival. */
	tv.tv_sec = 1;
	tv.tv_usec = 0;
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 0) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	test94_cleanup(fd, fd2, fd3, buf);
}
739
/*
 * Test reading packets from a BPF device, using immediate mode.
 */
static void
test94b(void)
{
	struct timeval tv;
	fd_set fds;
	uint8_t *buf;
	unsigned int val;
	size_t size;
	ssize_t len;
	uint32_t seq;
	pid_t pid;
	int fd, fd2, fd3, bytes, status, fl;

	subtest = 2;

	size = test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
	    1 /*set_filter*/);

	/* Switch the BPF device to immediate mode. */
	val = 1;
	if (ioctl(fd, BIOCIMMEDIATE, &val) != 0) e(0);

	/* An empty buffer must not be reported as readable. */
	tv.tv_sec = 0;
	tv.tv_usec = 0;
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 0) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != 0) e(0);

	/*
	 * Ensure that if the hold buffer is full, an immediate-mode read
	 * returns the content of the hold buffer, even if the store buffer is
	 * not empty.
	 */
	test94_fill_random(fd2, buf, size);

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);

	len = read(fd, buf, size);
	if (len < size * 3/4) e(0);
	if (len > size) e(0);
	seq = test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/,
	    NULL /*caplen*/, NULL /*datalen*/);

	/* FIONREAD must have reported exactly what the read returned. */
	if (len != bytes) e(0);

	/*
	 * There is one packet left in the buffer.  In immediate mode, this
	 * packet should be returned immediately.
	 */
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 1) e(0);

	if (len != bytes) e(0);

	/* The buffer is now empty again. */
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 0) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != 0) e(0);

	/*
	 * Immediate-mode reads may return multiple packets from the store
	 * buffer.
	 */
	test94_add_random(fd2, buf, size, seq + 1);
	test94_add_random(fd2, buf, size, seq + 2);

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, &tv) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* two packets < 3/4 of the size */
	if (test94_check(buf, len, seq + 1, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 3) e(0);

	if (len != bytes) e(0);

	/*
	 * Now test waking up suspended calls, read(2) first.
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_add_random(fd2, buf, size, seq + 3);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	/* In immediate mode, a single packet must wake up the read. */
	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, seq + 3, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 4) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * Then select(2).
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_add_random(fd2, buf, size, seq + 4);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);

	/* A repeated select call must report readiness again. */
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, seq + 4, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 5) e(0);

	if (len != bytes) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * Non-blocking reads should behave just as with regular mode.
	 */
	if ((fl = fcntl(fd, F_GETFL)) == -1) e(0);
	if (fcntl(fd, F_SETFL, fl | O_NONBLOCK) != 0) e(0);

	if (read(fd, buf, size) != -1) e(0);
	if (errno != EAGAIN) e(0);

	test94_fill_random(fd2, buf, size);

	len = read(fd, buf, size);
	if (len < size * 3/4) e(0);
	if (len > size) e(0);
	seq = test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/,
	    NULL /*caplen*/, NULL /*datalen*/);

	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq + 1) e(0);

	if (fcntl(fd, F_SETFL, fl) != 0) e(0);

	/*
	 * Timeouts should work with immediate mode.
	 */
	tv.tv_sec = 0;
	tv.tv_usec = SLEEP_TIME;
	if (ioctl(fd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	if (read(fd, buf, size) != -1) e(0);
	if (errno != EAGAIN) e(0);

	test94_cleanup(fd, fd2, fd3, buf);
}
953
/*
 * Test reading packets from a BPF device, with an exactly filled buffer.  The
 * idea is that normally the store buffer is considered "full" if the next
 * packet does not fit in it, but if no more bytes are left in it, it can be
 * rotated immediately.  This is a practically useless edge case, but we
 * support it, so we might as well test it.  Also, some of the code for this
 * case is shared with other rare cases that we cannot test here (interfaces
 * disappearing, to be specific), and exactly filling up the buffers does test
 * some other bounds checks so all that might make this worth it anyway.  While
 * we are exercising full control over our buffers, also check statistics.
 */
static void
test94c(void)
{
	struct bpf_stat bs;
	fd_set fds;
	uint8_t *buf;
	size_t size;
	pid_t pid;
	uint32_t count, seq;
	int fd, fd2, fd3, bytes, status, fl;

	subtest = 3;

	size = test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
	    1 /*set_filter*/);

	/* All statistics must start out at zero. */
	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != 0) e(0);
	if (bs.bs_drop != 0) e(0);

	/*
	 * Test read, select, and ioctl(FIONREAD) on an exactly filled buffer.
	 */
	count = test94_fill_exact(fd2, buf, size, 0);

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != count) e(0);
	if (bs.bs_recv < bs.bs_capt) e(0);	/* may be more */
	if (bs.bs_drop != 0) e(0);

	/* An exactly filled buffer must be readable in its entirety. */
	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != size) e(0);

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if (read(fd, buf, size) != size) e(0);
	test94_check(buf, size, 0 /*seq*/, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/);

	/*
	 * If the store buffer is full, the buffers should be swapped after
	 * emptying the hold buffer.
	 */
	seq = test94_fill_exact(fd2, buf, size, 1);
	test94_fill_exact(fd2, buf, size, seq);

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != count * 3) e(0);
	if (bs.bs_recv < bs.bs_capt) e(0);	/* may be more */
	if (bs.bs_drop != 0) e(0);

	test94_add_random(fd2, buf, size, 0);	/* this one will get dropped */

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != count * 3 + 1) e(0);
	if (bs.bs_recv < bs.bs_capt) e(0);	/* may be more */
	if (bs.bs_drop != 1) e(0);

	test94_add_random(fd2, buf, size, 0);	/* this one will get dropped */

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != count * 3 + 2) e(0);
	if (bs.bs_recv < bs.bs_capt) e(0);	/* may be more */
	if (bs.bs_drop != 2) e(0);

	if (ioctl(fd, FIONREAD, &bytes) != 0) e(0);
	if (bytes != size) e(0);

	/* Drain both exactly-filled buffers, verifying their contents. */
	if (read(fd, buf, size) != size) e(0);
	if (test94_check(buf, size, 1 /*seq*/, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != seq) e(0);

	if (read(fd, buf, size) != size) e(0);
	if (test94_check(buf, size, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != count * 2 + 1) e(0);

	/*
	 * See if an exactly filled buffer resumes reads...
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_fill_exact(fd2, buf, size, 1);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	if (read(fd, buf, size) != size) e(0);
	test94_check(buf, size, 1 /*seq*/, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	/*
	 * ...and selects.
	 */
	pid = fork();
	switch (pid) {
	case 0:
		errct = 0;

		usleep(SLEEP_TIME);

		test94_fill_exact(fd2, buf, size, seq);

		exit(errct);
	case -1:
		e(0);

		break;
	default:
		break;
	}

	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, &fds, NULL, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	if ((fl = fcntl(fd, F_GETFL)) == -1) e(0);
	if (fcntl(fd, F_SETFL, fl | O_NONBLOCK) != 0) e(0);

	if (read(fd, buf, size) != size) e(0);
	test94_check(buf, size, seq, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/);

	/* After draining the hold buffer, nothing must be left. */
	if (read(fd, buf, size) != -1) e(0);
	if (errno != EAGAIN) e(0);

	if (wait(&status) != pid) e(0);
	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != count * 5 + 2) e(0);
	if (bs.bs_recv < bs.bs_capt) e(0);	/* may be more */
	if (bs.bs_drop != 2) e(0);

	test94_cleanup(fd, fd2, fd3, buf);
}
1118
1119 /*
1120 * Test receipt of large packets on BPF devices. Large packets should be
1121 * truncated to the size of the buffer, but unless the filter specifies a
1122 * smaller capture size, no more than that.
1123 */
static void
test94d(void)
{
	struct bpf_hdr bh;
	uint8_t *buf, *buf2;
	size_t size;
	ssize_t len;
	int fd, fd2, fd3, datalen;

	subtest = 4;

	/*
	 * Specify a size smaller than the largest packet we can send on the
	 * loopback device. The size we specify here is currently the default
	 * size already anyway, but that might change in the future.
	 */
	size = test94_setup(&fd, &fd2, &fd3, &buf, 32768 /*size*/,
	    1 /*set_filter*/);
	if (size != 32768) e(0);

	/* Raise the send buffer so one 65000-byte datagram can be sent. */
	datalen = 65000;
	if (setsockopt(fd2, SOL_SOCKET, SO_SNDBUF, &datalen,
	    sizeof(datalen)) != 0) e(0);

	if ((buf2 = malloc(datalen)) == NULL) e(0);

	/*
	 * Mark the first payload byte ('X') and the byte that should end up
	 * as the very last captured byte ('Z'), so that we can verify below
	 * that truncation happened at exactly the right offset.
	 */
	memset(buf2, 'Y', datalen);
	buf2[0] = 'X';
	buf2[size - sizeof(struct udphdr) - sizeof(struct ip) -
	    BPF_WORDALIGN(sizeof(bh)) - 1] = 'Z';

	if (write(fd2, buf2, datalen) != datalen) e(0);

	/* The truncated capture must fill the store buffer exactly. */
	if (read(fd, buf, size) != size) e(0);

	memcpy(&bh, buf, sizeof(bh));

	/* caplen reflects the truncation; datalen keeps the original size. */
	if (bh.bh_hdrlen != BPF_WORDALIGN(sizeof(bh))) e(0);
	if (bh.bh_caplen != size - BPF_WORDALIGN(sizeof(bh))) e(0);
	if (bh.bh_datalen !=
	    sizeof(struct ip) + sizeof(struct udphdr) + datalen) e(0);

	if (buf[BPF_WORDALIGN(sizeof(bh)) + sizeof(struct ip) +
	    sizeof(struct udphdr)] != 'X') e(0);
	if (buf[size - 2] != 'Y') e(0);
	if (buf[size - 1] != 'Z') e(0);

	/*
	 * Add a smaller packet in between, to ensure that 1) the large packet
	 * is not split across buffers, and 2) the packet is truncated to the
	 * size of the buffer, not the available part of the buffer. Note how
	 * forced rotation and our exact-fill policy preclude us from having to
	 * use immediate mode for any of this.
	 */
	test94_add_random(fd2, buf, size, 1 /*seq*/);

	if (write(fd2, buf2, datalen) != datalen) e(0);

	/* The first read returns only the small packet.. */
	len = read(fd, buf, size);
	if (len <= 0) e(0);
	if (len >= size * 3/4) e(0);	/* one packet < 3/4 of the size */
	if (test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/, NULL /*caplen*/,
	    NULL /*datalen*/) != 2) e(0);

	/* ..and the second read the buffer-filling truncated packet. */
	if (read(fd, buf, size) != size) e(0);

	memcpy(&bh, buf, sizeof(bh));

	if (bh.bh_hdrlen != BPF_WORDALIGN(sizeof(bh))) e(0);
	if (bh.bh_caplen != size - BPF_WORDALIGN(sizeof(bh))) e(0);
	if (bh.bh_datalen !=
	    sizeof(struct ip) + sizeof(struct udphdr) + datalen) e(0);

	if (buf[BPF_WORDALIGN(sizeof(bh)) + sizeof(struct ip) +
	    sizeof(struct udphdr)] != 'X') e(0);
	if (buf[size - 2] != 'Y') e(0);
	if (buf[size - 1] != 'Z') e(0);

	free(buf2);

	test94_cleanup(fd, fd2, fd3, buf);
}
1206
1207 /*
1208 * Test whether our filter is active through two-way communication and a
1209 * subsequent check on the BPF statistics. We do not actually look through the
1210 * captured packets, because who knows what else is active on the loopback
1211 * device (e.g., X11) and the extra code specifically to extract our packets in
1212 * the other direction is simply not worth it.
1213 */
1214 static void
test94_comm(int fd,int fd2,int fd3,int filtered)1215 test94_comm(int fd, int fd2, int fd3, int filtered)
1216 {
1217 struct bpf_stat bs;
1218 char c;
1219
1220 if (write(fd2, "A", 1) != 1) e(0);
1221
1222 if (read(fd3, &c, 1) != 1) e(0);
1223 if (c != 'A') e(0);
1224
1225 if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
1226 if (bs.bs_recv == 0) e(0);
1227 if (bs.bs_capt == 0) e(0);
1228
1229 if (ioctl(fd, BIOCFLUSH) != 0) e(0);
1230
1231 if (write(fd3, "B", 1) != 1) e(0);
1232
1233 if (read(fd2, &c, 1) != 1) e(0);
1234 if (c != 'B') e(0);
1235
1236 if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
1237 if (bs.bs_recv == 0) e(0);
1238
1239 if (filtered) {
1240 if (bs.bs_capt != 0) e(0);
1241 if (bs.bs_drop != 0) e(0);
1242 } else
1243 if (bs.bs_capt == 0) e(0);
1244
1245 if (ioctl(fd, BIOCFLUSH) != 0) e(0);
1246 }
1247
1248 /*
1249 * Test filter installation and mechanics.
1250 */
static void
test94e(void)
{
	struct bpf_program bf;
	struct bpf_stat bs;
	struct bpf_hdr bh;
	uint8_t *buf;
	size_t size, len, plen, alen, off;
	uint32_t seq, caplen[4], datalen[4];
	int i, fd, fd2, fd3, val;

	subtest = 5;

	/*
	 * We have already tested installing a filter both before and after
	 * attaching to an interface by now, so we do not repeat that here.
	 */
	size = test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
	    0 /*set_filter*/);

	val = 1;
	if (ioctl(fd, BIOCIMMEDIATE, &val) != 0) e(0);

	/*
	 * A filter that is too large is rejected. Unfortunately, due to
	 * necessary IOCTL rewriting, this tests libc, not the service.
	 */
	memset(&bf, 0, sizeof(bf));
	bf.bf_len = BPF_MAXINSNS + 1;
	bf.bf_insns = NULL;
	if (ioctl(fd, BIOCSETF, &bf) != -1) e(0);
	if (errno != EINVAL) e(0);

	/*
	 * An invalid filter is rejected. In this test case, the truncated
	 * filter has a jump target beyond the end of the filter program.
	 */
	memset(&bf, 0, sizeof(bf));
	bf.bf_len = __arraycount(test94_filter) - 1;
	bf.bf_insns = test94_filter;
	if (ioctl(fd, BIOCSETF, &bf) != -1) e(0);
	if (errno != EINVAL) e(0);

	test94_comm(fd, fd2, fd3, 0 /*filtered*/);

	/* The complete, valid filter must be accepted. */
	bf.bf_len++;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_comm(fd, fd2, fd3, 1 /*filtered*/);

	/*
	 * Installing a zero-length filter clears the current filter, if any.
	 */
	memset(&bf, 0, sizeof(bf));
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_comm(fd, fd2, fd3, 0 /*filtered*/);

	/* Test this twice to trip over unconditional filter deallocation. */
	memset(&bf, 0, sizeof(bf));
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_comm(fd, fd2, fd3, 0 /*filtered*/);

	/*
	 * Test both aligned and unaligned capture sizes. For each, test
	 * sizes larger than, equal to, and smaller than the capture size.
	 * In both cases, aggregate the packets into a single buffer and only
	 * then go through them, to see whether alignment was done correctly.
	 * We cannot do everything in one go as BIOCSETF implies a BIOCFLUSH.
	 */
	plen = sizeof(struct ip) + sizeof(struct udphdr) + sizeof(seq);
	if (BPF_WORDALIGN(plen) != plen) e(0);
	alen = BPF_WORDALIGN(plen + 1);
	if (alen - 2 <= plen + 1) e(0);

	/* First the aligned cases. */
	test94_filter[__arraycount(test94_filter) - 1].k = alen;

	memset(&bf, 0, sizeof(bf));
	bf.bf_len = __arraycount(test94_filter);
	bf.bf_insns = test94_filter;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_comm(fd, fd2, fd3, 1 /*filtered*/);

	/* Larger than the capture size: truncated to it. */
	test94_add_specific(fd2, buf, alen + 1 - plen, 1);
	caplen[0] = alen;
	datalen[0] = alen + 1;

	/* Equal to the capture size: captured in full. */
	test94_add_specific(fd2, buf, alen - plen, 2);
	caplen[1] = alen;
	datalen[1] = alen;

	test94_add_specific(fd2, buf, alen + 3 - plen, 3);
	caplen[2] = alen;
	datalen[2] = alen + 3;

	/* Smaller than the capture size: captured in full. */
	test94_add_specific(fd2, buf, alen - 1 - plen, 4);
	caplen[3] = alen - 1;
	datalen[3] = alen - 1;

	memset(buf, 0, size);

	len = read(fd, buf, size);

	if (test94_check(buf, len, 1 /*seq*/, 1 /*filtered*/, caplen,
	    datalen) != 5) e(0);

	/* Then the unaligned cases. */
	test94_filter[__arraycount(test94_filter) - 1].k = alen + 1;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_add_specific(fd2, buf, alen + 2 - plen, 5);
	caplen[0] = alen + 1;
	datalen[0] = alen + 2;

	test94_add_specific(fd2, buf, alen + 1 - plen, 6);
	caplen[1] = alen + 1;
	datalen[1] = alen + 1;

	test94_add_specific(fd2, buf, alen + 9 - plen, 7);
	caplen[2] = alen + 1;
	datalen[2] = alen + 9;

	test94_add_specific(fd2, buf, alen - plen, 8);
	caplen[3] = alen;
	datalen[3] = alen;

	memset(buf, 0, size);

	len = read(fd, buf, size);

	if (test94_check(buf, len, 5 /*seq*/, 1 /*filtered*/, caplen,
	    datalen) != 9) e(0);

	/*
	 * Check that capturing only one byte from packets is possible. Not
	 * that that would be particularly useful.
	 */
	test94_filter[__arraycount(test94_filter) - 1].k = 1;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_add_random(fd2, buf, size, 9);
	test94_add_random(fd2, buf, size, 10);
	test94_add_random(fd2, buf, size, 11);

	memset(buf, 0, size);

	len = read(fd, buf, size);
	if (len <= 0) e(0);

	/* Walk the three single-byte captures by hand. */
	off = 0;
	for (i = 0; i < 3; i++) {
		if (len - off < sizeof(bh)) e(0);
		memcpy(&bh, &buf[off], sizeof(bh));

		if (bh.bh_tstamp.tv_sec == 0 && bh.bh_tstamp.tv_usec == 0)
			e(0);
		if (bh.bh_caplen != 1) e(0);
		if (bh.bh_datalen < plen) e(0);
		if (bh.bh_hdrlen != BPF_WORDALIGN(sizeof(bh))) e(0);

		off += bh.bh_hdrlen;

		if (buf[off] != 0x45) e(0);	/* IPv4, header length 20 */

		off += BPF_WORDALIGN(bh.bh_caplen);
	}
	if (off != len) e(0);

	/*
	 * Finally, a zero capture size should result in rejected packets only.
	 */
	test94_filter[__arraycount(test94_filter) - 1].k = 0;
	if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);

	test94_add_random(fd2, buf, size, 12);
	test94_add_random(fd2, buf, size, 13);
	test94_add_random(fd2, buf, size, 14);

	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv < 3) e(0);
	if (bs.bs_capt != 0) e(0);
	if (bs.bs_drop != 0) e(0);

	/* Restore the capture limit of the filter to its original state. */
	test94_filter[__arraycount(test94_filter) - 1].k = (uint32_t)-1;

	test94_cleanup(fd, fd2, fd3, buf);
}
1442
1443 /*
1444 * Compute an IP checksum.
1445 */
static uint16_t
test94_cksum(uint8_t * buf, size_t len)
{
	uint32_t acc = 0;

	/*
	 * Accumulate the buffer as 16-bit big-endian words; a trailing odd
	 * byte is treated as if padded with a zero byte.
	 */
	while (len > 1) {
		acc += (uint32_t)buf[0] << 8 | buf[1];
		buf += 2;
		len -= 2;
	}
	if (len == 1)
		acc += (uint32_t)buf[0] << 8;

	/* Fold any carries back into the low 16 bits. */
	while (acc > UINT16_MAX)
		acc = (acc & UINT16_MAX) + (acc >> 16);

	/* The checksum is the one's complement of the folded sum. */
	return ~(uint16_t)acc;
}
1468
1469 /*
1470 * Set up UDP headers for a packet. The packet uses IPv4 unless 'v6' is set,
1471 * in which case IPv6 is used. The given buffer must be large enough to
1472 * contain the headers and the (to be appended) data. The function returns the
1473 * offset into the buffer to the data portion of the packet.
1474 */
1475 static size_t
test94_make_pkt(uint8_t * buf,size_t len,int v6)1476 test94_make_pkt(uint8_t * buf, size_t len, int v6)
1477 {
1478 struct ip ip;
1479 struct ip6_hdr ip6;
1480 struct udphdr uh;
1481 size_t off;
1482
1483 if (!v6) {
1484 memset(&ip, 0, sizeof(ip));
1485 ip.ip_v = IPVERSION;
1486 ip.ip_hl = sizeof(ip) >> 2;
1487 ip.ip_len = htons(sizeof(ip) + sizeof(uh) + len);
1488 ip.ip_ttl = 255;
1489 ip.ip_p = IPPROTO_UDP;
1490 ip.ip_sum = 0;
1491 ip.ip_src.s_addr = htonl(INADDR_LOOPBACK);
1492 ip.ip_dst.s_addr = htonl(INADDR_LOOPBACK);
1493
1494 memcpy(buf, &ip, sizeof(ip));
1495 ip.ip_sum = htons(test94_cksum(buf, sizeof(ip)));
1496 memcpy(buf, &ip, sizeof(ip));
1497 if (test94_cksum(buf, sizeof(ip)) != 0) e(0);
1498
1499 off = sizeof(ip);
1500 } else {
1501 memset(&ip6, 0, sizeof(ip6));
1502 ip6.ip6_vfc = IPV6_VERSION;
1503 ip6.ip6_plen = htons(sizeof(uh) + len);
1504 ip6.ip6_nxt = IPPROTO_UDP;
1505 ip6.ip6_hlim = 255;
1506 memcpy(&ip6.ip6_src, &in6addr_loopback, sizeof(ip6.ip6_src));
1507 memcpy(&ip6.ip6_dst, &in6addr_loopback, sizeof(ip6.ip6_dst));
1508
1509 memcpy(buf, &ip6, sizeof(ip6));
1510
1511 off = sizeof(ip6);
1512 }
1513
1514 memset(&uh, 0, sizeof(uh));
1515 uh.uh_sport = htons(TEST_PORT_A);
1516 uh.uh_dport = htons(TEST_PORT_B);
1517 uh.uh_ulen = htons(sizeof(uh) + len);
1518 uh.uh_sum = 0; /* lazy but we also don't have the data yet */
1519
1520 memcpy(buf + off, &uh, sizeof(uh));
1521
1522 return off + sizeof(uh);
1523 }
1524
1525 /*
1526 * Test sending packets by writing to a BPF device.
1527 */
static void
test94f(void)
{
	struct bpf_stat bs;
	struct ifreq ifr;
	fd_set fds;
	uint8_t *buf;
	size_t off;
	unsigned int i, uval, mtu;
	int fd, fd2, fd3;

	subtest = 6;

	(void)test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
	    1 /*set_filter*/);

	/*
	 * Select queries should always indicate that the device is writable.
	 */
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, NULL, &fds, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	/*
	 * Test packet size limits. For loopback devices, the maximum data
	 * link layer level maximum transmission unit should be 65535-4 =
	 * 65531 bytes. Obtain the actual value anyway; it might have changed.
	 */
	memset(&ifr, 0, sizeof(ifr));
	strlcpy(ifr.ifr_name, LOOPBACK_IFNAME, sizeof(ifr.ifr_name));

	if (ioctl(fd2, SIOCGIFMTU, &ifr) != 0) e(0);
	mtu = ifr.ifr_mtu;

	if ((buf = realloc(buf, UINT16_MAX + 1)) == NULL) e(0);

	memset(buf, 0, UINT16_MAX + 1);

	/* Every write size above the MTU must fail with EMSGSIZE. */
	for (i = UINT16_MAX + 1; i > mtu; i--) {
		if (write(fd, buf, i) != -1) e(0);
		if (errno != EMSGSIZE) e(0);
	}

	/* This packet will be discarded as completely crap. That's fine. */
	if (write(fd, buf, mtu) != mtu) e(0);

	/*
	 * Zero-sized writes are accepted but do not do anything.
	 */
	if (write(fd, buf, 0) != 0) e(0);

	/*
	 * Send an actual packet, and see if it arrives.
	 */
	off = test94_make_pkt(buf, 6, 0 /*v6*/);
	memcpy(buf + off, "Hello!", 6);

	if (write(fd, buf, off + 6) != off + 6) e(0);

	memset(buf, 0, mtu);
	if (read(fd3, buf, mtu) != 6) e(0);
	if (memcmp(buf, "Hello!", 6) != 0) e(0);

	/*
	 * Enable feedback mode to test that the packet now arrives twice.
	 * Send a somewhat larger packet to test that data copy-in handles
	 * offsets correctly.
	 */
	uval = 1;
	if (ioctl(fd, BIOCSFEEDBACK, &uval) != 0) e(0);

	off = test94_make_pkt(buf, 12345, 0 /*v6*/);
	for (i = 0; i < 12345; i++)
		buf[off + i] = 1 + (i % 251);	/* the largest prime < 255 */

	if (write(fd, buf, off + 12345) != off + 12345) e(0);

	/* We need a default UDP SO_RCVBUF >= 12345 * 2 for this. */
	memset(buf, 0, UINT16_MAX);
	if (recv(fd3, buf, UINT16_MAX, 0) != 12345) e(0);
	for (i = 0; i < 12345; i++)
		if (buf[i] != 1 + (i % 251)) e(0);

	/* The feedback copy must arrive as well.. */
	memset(buf, 0, UINT16_MAX);
	if (recv(fd3, buf, UINT16_MAX, MSG_DONTWAIT) != 12345) e(0);
	for (i = 0; i < 12345; i++)
		if (buf[i] != 1 + (i % 251)) e(0);

	/* ..but there must be no more than two copies. */
	if (recv(fd3, buf, UINT16_MAX, MSG_DONTWAIT) != -1) e(0);
	if (errno != EWOULDBLOCK) e(0);

	/*
	 * The two valid packets we sent will have been captured by our BPF
	 * device as well, because SEESENT is enabled by default and also
	 * applies to packets written to a BPF device. The reason for that is
	 * that it allows tcpdump(8) to see what DHCP clients are sending, for
	 * example. The packets we sent are accepted by the installed filter.
	 */
	if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_capt != 2) e(0);

	/* Now that we've written data, test select once more. */
	FD_ZERO(&fds);
	FD_SET(fd, &fds);
	if (select(fd + 1, NULL, &fds, NULL, NULL) != 1) e(0);
	if (!FD_ISSET(fd, &fds)) e(0);

	test94_cleanup(fd, fd2, fd3, buf);
}
1638
1639 /*
1640 * Test read, write, and select operations on unconfigured devices.
1641 */
1642 static void
test94g(void)1643 test94g(void)
1644 {
1645 fd_set rfds, wfds;
1646 uint8_t *buf;
1647 unsigned int size;
1648 int fd;
1649
1650 subtest = 7;
1651
1652 if ((fd = open(_PATH_BPF, O_RDWR)) < 0) e(0);
1653
1654 if (ioctl(fd, BIOCGBLEN, &size) != 0) e(0);
1655 if (size < 1024 || size > BPF_MAXBUFSIZE) e(0);
1656
1657 if ((buf = malloc(size)) == NULL) e(0);
1658
1659 if (read(fd, buf, size) != -1) e(0);
1660 if (errno != EINVAL) e(0);
1661
1662 if (write(fd, buf, size) != -1) e(0);
1663 if (errno != EINVAL) e(0);
1664
1665 FD_ZERO(&rfds);
1666 FD_SET(fd, &rfds);
1667 FD_ZERO(&wfds);
1668 FD_SET(fd, &wfds);
1669
1670 if (select(fd + 1, &rfds, &wfds, NULL, NULL) != 2) e(0);
1671
1672 if (!FD_ISSET(fd, &rfds)) e(0);
1673 if (!FD_ISSET(fd, &wfds)) e(0);
1674
1675 free(buf);
1676
1677 if (close(fd) != 0) e(0);
1678 }
1679
1680 /*
1681 * Test various IOCTL calls. Several of these tests are rather superficial,
1682 * because we would need a real interface, rather than the loopback device, to
1683 * test their functionality properly. Also note that we skip various checks
1684 * performed as part of the earlier subtests.
1685 */
static void
test94h(void)
{
	struct bpf_stat bs;
	struct bpf_version bv;
	struct bpf_dltlist bfl;
	struct ifreq ifr;
	struct timeval tv;
	uint8_t *buf;
	size_t size;
	unsigned int uval, list[2];
	int cfd, ufd, fd2, fd3, val;

	subtest = 8;

	/*
	 * Many IOCTLs work only on configured or only on unconfigured BPF
	 * devices, so for convenience we create a file descriptor for each.
	 */
	size = test94_setup(&cfd, &fd2, &fd3, &buf, 0 /*size*/,
	    1 /*set_filter*/);

	if ((ufd = open(_PATH_BPF, O_RDWR)) < 0) e(0);

	/*
	 * The BIOCSBLEN value is silently corrected to fall within a valid
	 * range, and BIOCGBLEN can be used to obtain the corrected value. We
	 * do not know the valid range, so we use fairly extreme test values.
	 */
	uval = 1;
	if (ioctl(ufd, BIOCSBLEN, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGBLEN, &uval) != 0) e(0);
	if (uval < sizeof(struct bpf_hdr) || uval > BPF_MAXBUFSIZE) e(0);

	uval = (unsigned int)-1;
	if (ioctl(ufd, BIOCSBLEN, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGBLEN, &uval) != 0) e(0);
	if (uval < sizeof(struct bpf_hdr) || uval > BPF_MAXBUFSIZE) e(0);

	uval = 0;
	if (ioctl(ufd, BIOCSBLEN, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGBLEN, &uval) != 0) e(0);
	if (uval < sizeof(struct bpf_hdr) || uval > BPF_MAXBUFSIZE) e(0);

	uval = 1024;	/* ..a value that should be acceptable but small */
	if (ioctl(ufd, BIOCSBLEN, &uval) != 0) e(0);
	if (ioctl(ufd, BIOCGBLEN, &uval) != 0) e(0);
	if (uval != 1024) e(0);

	/*
	 * For configured devices, it is not possible to adjust the buffer size
	 * but it is possible to obtain its size.
	 */
	if (ioctl(cfd, BIOCSBLEN, &uval) != -1) e(0);
	if (errno != EINVAL) e(0);

	if (ioctl(cfd, BIOCGBLEN, &uval) != 0) e(0);
	if (uval != size) e(0);

	/*
	 * BIOCFLUSH resets both buffer contents and statistics.
	 */
	uval = 1;
	if (ioctl(cfd, BIOCIMMEDIATE, &uval) != 0) e(0);

	/* Fill the buffers several times over, so packets get dropped too. */
	test94_fill_exact(fd2, buf, size, 1 /*seq*/);
	test94_fill_exact(fd2, buf, size, 1 /*seq*/);
	test94_fill_exact(fd2, buf, size, 1 /*seq*/);

	if (ioctl(cfd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv == 0) e(0);
	if (bs.bs_drop == 0) e(0);
	if (bs.bs_capt == 0) e(0);

	/* Do make sure that statistics are not cleared on retrieval.. */
	if (ioctl(cfd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv == 0) e(0);
	if (bs.bs_drop == 0) e(0);
	if (bs.bs_capt == 0) e(0);

	if (ioctl(cfd, FIONREAD, &val) != 0) e(0);
	if (val == 0) e(0);

	if (ioctl(cfd, BIOCFLUSH) != 0) e(0);

	/* There is a race condition for bs_recv here, so we cannot test it. */
	if (ioctl(cfd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_drop != 0) e(0);
	if (bs.bs_capt != 0) e(0);

	if (ioctl(cfd, FIONREAD, &val) != 0) e(0);
	if (val != 0) e(0);

	/*
	 * Although practically useless, BIOCFLUSH works on unconfigured
	 * devices. So does BIOCGSTATS.
	 */
	if (ioctl(ufd, BIOCFLUSH) != 0) e(0);

	if (ioctl(ufd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv != 0) e(0);
	if (bs.bs_drop != 0) e(0);
	if (bs.bs_capt != 0) e(0);

	/*
	 * BIOCPROMISC works on configured devices only. On loopback devices
	 * it has no observable effect though.
	 */
	if (ioctl(ufd, BIOCPROMISC) != -1) e(0);
	if (errno != EINVAL) e(0);

	if (ioctl(cfd, BIOCPROMISC) != 0) e(0);

	/*
	 * BIOCGDLT does not work on unconfigured devices.
	 */
	if (ioctl(ufd, BIOCGDLT, &uval) != -1) e(0);
	if (errno != EINVAL) e(0);

	/*
	 * BIOCGETIF works only on configured devices, where it returns the
	 * associated device name.
	 */
	if (ioctl(ufd, BIOCGETIF, &ifr) != -1) e(0);
	if (errno != EINVAL) e(0);

	memset(&ifr, 'X', sizeof(ifr));
	if (ioctl(cfd, BIOCGETIF, &ifr) != 0) e(0);
	if (strcmp(ifr.ifr_name, LOOPBACK_IFNAME) != 0) e(0);

	/*
	 * BIOCSETIF works only on unconfigured devices, and accepts only
	 * valid interface names. The name is forced to be null terminated.
	 */
	memset(&ifr, 0, sizeof(ifr));
	strlcpy(ifr.ifr_name, LOOPBACK_IFNAME, sizeof(ifr.ifr_name));
	if (ioctl(cfd, BIOCSETIF, &ifr) != -1) e(0);
	if (errno != EINVAL) e(0);

	/* A name with no terminating null must not run past the field. */
	memset(&ifr, 0, sizeof(ifr));
	memset(ifr.ifr_name, 'x', sizeof(ifr.ifr_name));
	if (ioctl(ufd, BIOCSETIF, &ifr) != -1) e(0);
	if (errno != ENXIO) e(0);

	/* Anyone that has ten loopback devices is simply insane. */
	memset(&ifr, 0, sizeof(ifr));
	strlcpy(ifr.ifr_name, LOOPBACK_IFNAME, sizeof(ifr.ifr_name));
	ifr.ifr_name[strlen(ifr.ifr_name) - 1] += 9;
	if (ioctl(ufd, BIOCSETIF, &ifr) != -1) e(0);
	if (errno != ENXIO) e(0);

	/*
	 * It is possible to turn BIOCIMMEDIATE on and off. We already
	 * enabled it a bit higher up. Note that our implementation does not
	 * support toggling the setting while a read call is in progress, and
	 * toggling the setting will have no effect while a select call is in
	 * progress; similar restrictions apply to effectively all relevant
	 * settings. Either way we do not test that here either.
	 */
	test94_add_random(fd2, buf, size, 1 /*seq*/);

	if (ioctl(cfd, FIONREAD, &val) != 0) e(0);
	if (val == 0) e(0);

	uval = 0;
	if (ioctl(cfd, BIOCIMMEDIATE, &uval) != 0) e(0);

	if (ioctl(cfd, FIONREAD, &val) != 0) e(0);
	if (val != 0) e(0);

	uval = 1;
	if (ioctl(cfd, BIOCIMMEDIATE, &uval) != 0) e(0);

	if (ioctl(cfd, FIONREAD, &val) != 0) e(0);
	if (val == 0) e(0);

	if (ioctl(cfd, BIOCFLUSH) != 0) e(0);

	/*
	 * BIOCIMMEDIATE also works on unconfigured devices.
	 */
	uval = 1;
	if (ioctl(ufd, BIOCIMMEDIATE, &uval) != 0) e(0);

	uval = 0;
	if (ioctl(ufd, BIOCIMMEDIATE, &uval) != 0) e(0);

	/*
	 * BIOCVERSION should return the current BPF interface version.
	 */
	if (ioctl(ufd, BIOCVERSION, &bv) != 0) e(0);
	if (bv.bv_major != BPF_MAJOR_VERSION) e(0);
	if (bv.bv_minor != BPF_MINOR_VERSION) e(0);

	/*
	 * BIOCSHDRCMPLT makes sense only for devices with data link headers,
	 * which rules out loopback devices. Check the default and test
	 * toggling it, and stop there.
	 */
	/* The default value is off. */
	uval = 1;
	if (ioctl(ufd, BIOCGHDRCMPLT, &uval) != 0) e(0);
	if (uval != 0) e(0);

	/* Any nonzero set value is read back as one. */
	uval = 2;
	if (ioctl(ufd, BIOCSHDRCMPLT, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGHDRCMPLT, &uval) != 0) e(0);
	if (uval != 1) e(0);

	uval = 0;
	if (ioctl(ufd, BIOCSHDRCMPLT, &uval) != 0) e(0);

	uval = 1;
	if (ioctl(ufd, BIOCGHDRCMPLT, &uval) != 0) e(0);
	if (uval != 0) e(0);

	/*
	 * BIOCSDLT works on configured devices. For loopback devices, it can
	 * only set the data link type to its current value, which on MINIX3
	 * for loopback devices is DLT_RAW (i.e., no headers at all).
	 */
	uval = DLT_RAW;
	if (ioctl(ufd, BIOCSDLT, &uval) != -1) e(0);
	if (errno != EINVAL) e(0);

	uval = DLT_RAW;
	if (ioctl(cfd, BIOCSDLT, &uval) != 0) e(0);

	uval = DLT_NULL;
	if (ioctl(cfd, BIOCSDLT, &uval) != -1) e(0);
	if (errno != EINVAL) e(0);

	if (ioctl(cfd, BIOCGDLT, &uval) != 0) e(0);
	if (uval != DLT_RAW) e(0);

	/*
	 * BIOCGDLTLIST works on configured devices only, and may be used to
	 * both query the size of the list and obtain the list. On MINIX3,
	 * loopback devices will only ever return DLT_RAW. Unfortunately,
	 * much of the handling for this IOCTL is in libc for us, which is
	 * also why we do not test bad pointers and stuff like that.
	 */
	memset(&bfl, 0, sizeof(bfl));
	if (ioctl(ufd, BIOCGDLTLIST, &bfl) != -1) e(0);
	if (errno != EINVAL) e(0);

	/* A NULL list pointer queries just the length. */
	memset(&bfl, 0, sizeof(bfl));
	if (ioctl(cfd, BIOCGDLTLIST, &bfl) != 0) e(0);
	if (bfl.bfl_len != 1) e(0);
	if (bfl.bfl_list != NULL) e(0);

	memset(&bfl, 0, sizeof(bfl));
	bfl.bfl_len = 2;	/* should be ignored */
	if (ioctl(cfd, BIOCGDLTLIST, &bfl) != 0) e(0);
	if (bfl.bfl_len != 1) e(0);
	if (bfl.bfl_list != NULL) e(0);

	/* A non-NULL list pointer with a zero length yields ENOMEM. */
	memset(&bfl, 0, sizeof(bfl));
	memset(list, 0, sizeof(list));
	bfl.bfl_list = list;
	if (ioctl(cfd, BIOCGDLTLIST, &bfl) != -1) e(0);
	if (errno != ENOMEM) e(0);
	if (list[0] != 0) e(0);

	memset(&bfl, 0, sizeof(bfl));
	bfl.bfl_len = 1;
	bfl.bfl_list = list;
	if (ioctl(cfd, BIOCGDLTLIST, &bfl) != 0) e(0);
	if (bfl.bfl_len != 1) e(0);
	if (bfl.bfl_list != list) e(0);
	if (list[0] != DLT_RAW) e(0);
	if (list[1] != 0) e(0);

	/* With extra room, only one entry must still be filled in. */
	memset(&bfl, 0, sizeof(bfl));
	memset(list, 0, sizeof(list));
	bfl.bfl_len = 2;
	bfl.bfl_list = list;
	if (ioctl(cfd, BIOCGDLTLIST, &bfl) != 0) e(0);
	if (bfl.bfl_len != 1) e(0);
	if (bfl.bfl_list != list) e(0);
	if (list[0] != DLT_RAW) e(0);
	if (list[1] != 0) e(0);

	/*
	 * For loopback devices, BIOCSSEESENT is a bit weird: packets are
	 * captured on output to get a complete view of loopback traffic, and
	 * not also on input because that would then duplicate the traffic.
	 * As a result, turning off BIOCSSEESENT for a loopback device means
	 * that no packets will be captured at all anymore. First test the
	 * default and toggling on the unconfigured device, then reproduce the
	 * above on the configured device.
	 */
	/* The default value is on. */
	uval = 0;
	if (ioctl(ufd, BIOCGSEESENT, &uval) != 0) e(0);
	if (uval != 1) e(0);

	uval = 0;
	if (ioctl(ufd, BIOCSSEESENT, &uval) != 0) e(0);

	uval = 1;
	if (ioctl(ufd, BIOCGSEESENT, &uval) != 0) e(0);
	if (uval != 0) e(0);

	uval = 2;
	if (ioctl(ufd, BIOCSSEESENT, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGSEESENT, &uval) != 0) e(0);
	if (uval != 1) e(0);

	if (ioctl(cfd, BIOCGSEESENT, &uval) != 0) e(0);
	if (uval != 1) e(0);

	/* With SEESENT off, the loopback packet must not even be counted. */
	uval = 0;
	if (ioctl(cfd, BIOCSSEESENT, &uval) != 0) e(0);

	if (ioctl(cfd, BIOCFLUSH) != 0) e(0);

	test94_add_random(fd2, buf, size, 1 /*seq*/);

	if (ioctl(cfd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv != 0) e(0);

	uval = 1;
	if (ioctl(cfd, BIOCSSEESENT, &uval) != 0) e(0);

	if (ioctl(cfd, BIOCFLUSH) != 0) e(0);

	test94_add_random(fd2, buf, size, 1 /*seq*/);

	if (ioctl(cfd, BIOCGSTATS, &bs) != 0) e(0);
	if (bs.bs_recv == 0) e(0);

	/*
	 * The BIOCSRTIMEOUT values are rounded up to clock granularity.
	 * Invalid timeout values are rejected.
	 */
	/* The default value is zero. */
	tv.tv_sec = 99;
	if (ioctl(ufd, BIOCGRTIMEOUT, &tv) != 0) e(0);
	if (tv.tv_sec != 0) e(0);
	if (tv.tv_usec != 0) e(0);

	tv.tv_usec = 1000000;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != -1) e(0);
	if (errno != EINVAL) e(0);

	tv.tv_usec = -1;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != -1) e(0);
	if (errno != EINVAL) e(0);

	tv.tv_sec = -1;
	tv.tv_usec = 0;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != -1) e(0);
	if (errno != EINVAL) e(0);

	/* A timeout too large to represent is rejected with EDOM. */
	tv.tv_sec = INT_MAX;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != -1) e(0);
	if (errno != EDOM) e(0);

	if (ioctl(ufd, BIOCGRTIMEOUT, &tv) != 0) e(0);
	if (tv.tv_sec != 0) e(0);
	if (tv.tv_usec != 0) e(0);

	tv.tv_sec = 123;
	tv.tv_usec = 1;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	if (ioctl(ufd, BIOCGRTIMEOUT, &tv) != 0) e(0);
	if (tv.tv_sec != 123) e(0);
	if (tv.tv_usec == 0) e(0);	/* rounding should be up */

	tv.tv_sec = 0;
	tv.tv_usec = 0;
	if (ioctl(ufd, BIOCSRTIMEOUT, &tv) != 0) e(0);

	if (ioctl(ufd, BIOCGRTIMEOUT, &tv) != 0) e(0);
	if (tv.tv_sec != 0) e(0);
	if (tv.tv_usec != 0) e(0);

	/*
	 * BIOCSFEEDBACK is another weird setting for which we only test
	 * default and toggling here.
	 */
	/* The default value is off. */
	uval = 1;
	if (ioctl(ufd, BIOCGFEEDBACK, &uval) != 0) e(0);
	if (uval != 0) e(0);

	/* Any nonzero set value is read back as one. */
	uval = 2;
	if (ioctl(ufd, BIOCSFEEDBACK, &uval) != 0) e(0);

	if (ioctl(ufd, BIOCGFEEDBACK, &uval) != 0) e(0);
	if (uval != 1) e(0);

	uval = 0;
	if (ioctl(ufd, BIOCSFEEDBACK, &uval) != 0) e(0);

	uval = 1;
	if (ioctl(ufd, BIOCGFEEDBACK, &uval) != 0) e(0);
	if (uval != 0) e(0);

	/* Clean up. */
	if (close(ufd) != 0) e(0);

	test94_cleanup(cfd, fd2, fd3, buf);
}
2097
/*
 * IPv6 version of our filter. Accepts (in full) any UDP packet sent from
 * TEST_PORT_A to TEST_PORT_B, and rejects everything else. The fixed port
 * offsets (40, 42) assume that the UDP header immediately follows the
 * 40-byte IPv6 header, i.e., no extension headers are present.
 */
static struct bpf_insn test94_filter6[] = {
	{ BPF_LD+BPF_B+BPF_ABS, 0, 0, 0 },	/* is this an IPv6 header? */
	{ BPF_ALU+BPF_RSH+BPF_K, 0, 0, 4 },	/* (version = top 4 bits) */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 6, 6 },
	{ BPF_LD+BPF_B+BPF_ABS, 0, 0, 6 },	/* is this a UDP packet? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 4, IPPROTO_UDP },
	{ BPF_LD+BPF_H+BPF_ABS, 0, 0, 40 },	/* source port 12345? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 0, 2, TEST_PORT_A },
	{ BPF_LD+BPF_H+BPF_ABS, 0, 0, 42 },	/* destination port 12346? */
	{ BPF_JMP+BPF_JEQ+BPF_K, 1, 0, TEST_PORT_B },
	{ BPF_RET+BPF_K, 0, 0, 0 },		/* reject the packet */
	{ BPF_RET+BPF_K, 0, 0, (uint32_t)-1 },	/* accept the (whole) packet */
};
2112
2113 /*
2114 * Test receipt of IPv6 packets, because it was getting a bit messy to
2115 * integrate that into the previous subtests. We just want to make sure that
2116 * IPv6 packets are properly filtered and captured at all. The rest of the
2117 * code is entirely version agnostic anyway.
2118 */
2119 static void
test94i(void)2120 test94i(void)
2121 {
2122 struct sockaddr_in6 sin6A, sin6B;
2123 struct bpf_program bf;
2124 struct bpf_stat bs;
2125 struct bpf_hdr bh;
2126 struct ifreq ifr;
2127 struct ip6_hdr ip6;
2128 struct udphdr uh;
2129 uint8_t *buf, c;
2130 socklen_t socklen;
2131 ssize_t len;
2132 size_t off;
2133 unsigned int uval, size, dlt;
2134 int fd, fd2, fd3;
2135
2136 subtest = 9;
2137
2138 if ((fd = open(_PATH_BPF, O_RDWR)) < 0) e(0);
2139
2140 if (ioctl(fd, BIOCGBLEN, &size) != 0) e(0);
2141 if (size < 1024 || size > BPF_MAXBUFSIZE) e(0);
2142
2143 if ((buf = malloc(size)) == NULL) e(0);
2144
2145 /* Install the filter. */
2146 memset(&bf, 0, sizeof(bf));
2147 bf.bf_len = __arraycount(test94_filter6);
2148 bf.bf_insns = test94_filter6;
2149 if (ioctl(fd, BIOCSETF, &bf) != 0) e(0);
2150
2151 uval = 1;
2152 if (ioctl(fd, BIOCIMMEDIATE, &uval) != 0) e(0);
2153
2154 /* Bind to the loopback device. */
2155 memset(&ifr, 0, sizeof(ifr));
2156 strlcpy(ifr.ifr_name, LOOPBACK_IFNAME, sizeof(ifr.ifr_name));
2157 if (ioctl(fd, BIOCSETIF, &ifr) != 0) e(0);
2158
2159 /*
2160 * If the loopback device's data link type is not DLT_RAW, our filter
2161 * and size calculations will not work.
2162 */
2163 if (ioctl(fd, BIOCGDLT, &dlt) != 0) e(0);
2164 if (dlt != DLT_RAW) e(0);
2165
2166 /* We use UDP traffic for our test packets. */
2167 if ((fd2 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) e(0);
2168
2169 memset(&sin6A, 0, sizeof(sin6A));
2170 sin6A.sin6_family = AF_INET6;
2171 sin6A.sin6_port = htons(TEST_PORT_A);
2172 memcpy(&sin6A.sin6_addr, &in6addr_loopback, sizeof(sin6A.sin6_addr));
2173 if (bind(fd2, (struct sockaddr *)&sin6A, sizeof(sin6A)) != 0) e(0);
2174
2175 memcpy(&sin6B, &sin6A, sizeof(sin6B));
2176 sin6B.sin6_port = htons(TEST_PORT_B);
2177 if (connect(fd2, (struct sockaddr *)&sin6B, sizeof(sin6B)) != 0) e(0);
2178
2179 if ((fd3 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) e(0);
2180
2181 if (bind(fd3, (struct sockaddr *)&sin6B, sizeof(sin6B)) != 0) e(0);
2182
2183 if (connect(fd3, (struct sockaddr *)&sin6A, sizeof(sin6A)) != 0) e(0);
2184
2185 if (write(fd2, "A", 1) != 1) e(0);
2186
2187 if (read(fd3, &c, 1) != 1) e(0);
2188 if (c != 'A') e(0);
2189
2190 if (write(fd3, "B", 1) != 1) e(0);
2191
2192 if (read(fd2, &c, 1) != 1) e(0);
2193 if (c != 'B') e(0);
2194
2195 if (ioctl(fd, BIOCGSTATS, &bs) != 0) e(0);
2196 if (bs.bs_recv < 2) e(0);
2197 if (bs.bs_capt != 1) e(0);
2198 if (bs.bs_drop != 0) e(0);
2199
2200 memset(buf, 0, size);
2201
2202 len = read(fd, buf, size);
2203
2204 if (len != BPF_WORDALIGN(sizeof(bh)) +
2205 BPF_WORDALIGN(sizeof(ip6) + sizeof(uh) + 1)) e(0);
2206
2207 memcpy(&bh, buf, sizeof(bh));
2208
2209 if (bh.bh_tstamp.tv_sec == 0 && bh.bh_tstamp.tv_usec == 0) e(0);
2210 if (bh.bh_caplen != sizeof(ip6) + sizeof(uh) + 1) e(0);
2211 if (bh.bh_datalen != bh.bh_caplen) e(0);
2212 if (bh.bh_hdrlen != BPF_WORDALIGN(sizeof(bh))) e(0);
2213
2214 if (buf[bh.bh_hdrlen + sizeof(ip6) + sizeof(uh)] != 'A') e(0);
2215
2216 /*
2217 * Finally, do a quick test to see if we can send IPv6 packets by
2218 * writing to the BPF device. We rely on such packets being generated
2219 * properly in a later test.
2220 */
2221 off = test94_make_pkt(buf, 6, 1 /*v6*/);
2222 memcpy(buf + off, "Hello!", 6);
2223
2224 if (write(fd, buf, off + 6) != off + 6) e(0);
2225
2226 socklen = sizeof(sin6A);
2227 if (recvfrom(fd3, buf, size, 0, (struct sockaddr *)&sin6A,
2228 &socklen) != 6) e(0);
2229
2230 if (memcmp(buf, "Hello!", 6) != 0) e(0);
2231 if (socklen != sizeof(sin6A)) e(0);
2232 if (sin6A.sin6_family != AF_INET6) e(0);
2233 if (sin6A.sin6_port != htons(TEST_PORT_A)) e(0);
2234 if (memcmp(&sin6A.sin6_addr, &in6addr_loopback,
2235 sizeof(sin6A.sin6_addr)) != 0) e(0);
2236
2237 free(buf);
2238
2239 if (close(fd3) != 0) e(0);
2240
2241 if (close(fd2) != 0) e(0);
2242
2243 if (close(fd) != 0) e(0);
2244 }
2245
2246 /*
2247 * Test the BPF sysctl(7) interface at a basic level.
2248 */
2249 static void
test94j(void)2250 test94j(void)
2251 {
2252 struct bpf_stat bs1, bs2;
2253 struct bpf_d_ext *bde;
2254 uint8_t *buf;
2255 unsigned int slot, count, uval;
2256 size_t len, oldlen, size, bdesize;
2257 int fd, fd2, fd3, val, mib[5], smib[3], found;
2258
2259 subtest = 10;
2260
2261 /*
2262 * Obtain the maximum buffer size. The value must be sane.
2263 */
2264 memset(mib, 0, sizeof(mib));
2265 len = __arraycount(mib);
2266 if (sysctlnametomib("net.bpf.maxbufsize", mib, &len) != 0) e(0);
2267 if (len != 3) e(0);
2268
2269 oldlen = sizeof(val);
2270 if (sysctl(mib, len, &val, &oldlen, NULL, 0) != 0) e(0);
2271 if (oldlen != sizeof(val)) e(0);
2272
2273 if (val < 1024 || val > INT_MAX / 2) e(0);
2274
2275 /*
2276 * Attempt to set the maximum buffer size. This is not (yet) supported
2277 * so for now we want to make sure that it really does not work.
2278 */
2279 if (sysctl(mib, len, NULL, NULL, &val, sizeof(val)) != -1) e(0);
2280 if (errno != EPERM) e(0);
2281
2282 /*
2283 * Obtain global statistics. We check the actual statistics later on.
2284 */
2285 memset(smib, 0, sizeof(smib));
2286 len = __arraycount(smib);
2287 if (sysctlnametomib("net.bpf.stats", smib, &len) != 0) e(0);
2288 if (len != 3) e(0);
2289
2290 oldlen = sizeof(bs1);
2291 if (sysctl(smib, len, &bs1, &oldlen, NULL, 0) != 0) e(0);
2292 if (oldlen != sizeof(bs1)) e(0);
2293
2294 /*
2295 * Set up a BPF descriptor, and retrieve the list of BPF peers. We
2296 * should be able to find our BPF peer.
2297 */
2298 memset(mib, 0, sizeof(mib));
2299 len = __arraycount(mib);
2300 if (sysctlnametomib("net.bpf.peers", mib, &len) != 0) e(0);
2301 if (len != 3) e(0);
2302 mib[len++] = sizeof(*bde); /* size of each element */
2303 mib[len++] = INT_MAX; /* limit on elements to return */
2304
2305 size = test94_setup(&fd, &fd2, &fd3, &buf, 0 /*size*/,
2306 1 /*set_filter*/);
2307
2308 /* Generate some traffic to bump the statistics. */
2309 count = test94_fill_exact(fd2, buf, size, 0);
2310 test94_fill_exact(fd2, buf, size, 0);
2311 test94_fill_exact(fd2, buf, size, 0);
2312
2313 if (write(fd3, "X", 1) != 1) e(0);
2314
2315 if (sysctl(mib, len, NULL, &oldlen, NULL, 0) != 0) e(0);
2316 if (oldlen == 0) e(0);
2317
2318 /* Add some slack space ourselves to prevent problems with churn. */
2319 bdesize = oldlen + sizeof(*bde) * 8;
2320 if ((bde = malloc(bdesize)) == NULL) e(0);
2321
2322 oldlen = bdesize;
2323 if (sysctl(mib, len, bde, &oldlen, NULL, 0) != 0) e(0);
2324 if (oldlen % sizeof(*bde)) e(0);
2325
2326 found = 0;
2327 for (slot = 0; slot < oldlen / sizeof(*bde); slot++) {
2328 if (bde[slot].bde_pid != getpid())
2329 continue;
2330
2331 if (bde[slot].bde_bufsize != size) e(0);
2332 if (bde[slot].bde_promisc != 0) e(0);
2333 if (bde[slot].bde_state != BPF_IDLE) e(0);
2334 if (bde[slot].bde_immediate != 0) e(0);
2335 if (bde[slot].bde_hdrcmplt != 0) e(0);
2336 if (bde[slot].bde_seesent != 1) e(0);
2337 if (bde[slot].bde_rcount < count * 3 + 1) e(0);
2338 if (bde[slot].bde_dcount != count) e(0);
2339 if (bde[slot].bde_ccount != count * 3) e(0);
2340 if (strcmp(bde[slot].bde_ifname, LOOPBACK_IFNAME) != 0) e(0);
2341
2342 found++;
2343 }
2344 if (found != 1) e(0);
2345
2346 /*
2347 * If global statistics are an accumulation of individual devices'
2348 * statistics (they currently are not) then such a scheme should take
2349 * into account device flushes.
2350 */
2351 if (ioctl(fd, BIOCFLUSH) != 0) e(0);
2352
2353 test94_cleanup(fd, fd2, fd3, buf);
2354
2355 /*
2356 * Now see if the global statistics have indeed changed correctly.
2357 */
2358 oldlen = sizeof(bs2);
2359 if (sysctl(smib, __arraycount(smib), &bs2, &oldlen, NULL, 0) != 0)
2360 e(0);
2361 if (oldlen != sizeof(bs2)) e(0);
2362
2363 if (bs2.bs_recv < bs1.bs_recv + count * 3 + 1) e(0);
2364 if (bs2.bs_drop != bs1.bs_drop + count) e(0);
2365 if (bs2.bs_capt != bs1.bs_capt + count * 3) e(0);
2366
2367 /*
2368 * Check an unconfigured BPF device as well.
2369 */
2370 if ((fd = open(_PATH_BPF, O_RDWR)) < 0) e(0);
2371
2372 /*
2373 * Toggle some flags. It is too much effort to test them all
2374 * individually (which, in the light of copy-paste mistakes, would be
2375 * the right thing to do) but at least we'll know something gets set.
2376 */
2377 uval = 1;
2378 if (ioctl(fd, BIOCIMMEDIATE, &uval) != 0) e(0);
2379 if (ioctl(fd, BIOCSHDRCMPLT, &uval) != 0) e(0);
2380
2381 uval = 0;
2382 if (ioctl(fd, BIOCSSEESENT, &uval) != 0) e(0);
2383
2384 oldlen = bdesize;
2385 if (sysctl(mib, len, bde, &oldlen, NULL, 0) != 0) e(0);
2386 if (oldlen % sizeof(*bde)) e(0);
2387
2388 found = 0;
2389 for (slot = 0; slot < oldlen / sizeof(*bde); slot++) {
2390 if (bde[slot].bde_pid != getpid())
2391 continue;
2392
2393 if (bde[slot].bde_bufsize != size) e(0);
2394 if (bde[slot].bde_promisc != 0) e(0);
2395 if (bde[slot].bde_state != BPF_IDLE) e(0);
2396 if (bde[slot].bde_immediate != 1) e(0);
2397 if (bde[slot].bde_hdrcmplt != 1) e(0);
2398 if (bde[slot].bde_seesent != 0) e(0);
2399 if (bde[slot].bde_rcount != 0) e(0);
2400 if (bde[slot].bde_dcount != 0) e(0);
2401 if (bde[slot].bde_ccount != 0) e(0);
2402 if (bde[slot].bde_ifname[0] != '\0') e(0);
2403
2404 found++;
2405 }
2406 if (found != 1) e(0);
2407
2408 close(fd);
2409
2410 /*
2411 * At this point there should be no BPF device left for our PID.
2412 */
2413 oldlen = bdesize;
2414 if (sysctl(mib, len, bde, &oldlen, NULL, 0) != 0) e(0);
2415 if (oldlen % sizeof(*bde)) e(0);
2416
2417 for (slot = 0; slot < oldlen / sizeof(*bde); slot++)
2418 if (bde[slot].bde_pid == getpid()) e(0);
2419 found++;
2420
2421 free(bde);
2422 }
2423
2424 /*
2425 * Test privileged operations as an unprivileged caller.
2426 */
2427 static void
test94k(void)2428 test94k(void)
2429 {
2430 struct passwd *pw;
2431 pid_t pid;
2432 size_t len, oldlen;
2433 int mib[5], status;
2434
2435 subtest = 11;
2436
2437 pid = fork();
2438 switch (pid) {
2439 case 0:
2440 errct = 0;
2441
2442 if ((pw = getpwnam(NONROOT_USER)) == NULL) e(0);
2443
2444 if (setuid(pw->pw_uid) != 0) e(0);
2445
2446 /*
2447 * Opening /dev/bpf must fail. Note that this is a system
2448 * configuration issue rather than a LWIP service issue.
2449 */
2450 if (open(_PATH_BPF, O_RDWR) != -1) e(0);
2451 if (errno != EACCES) e(0);
2452
2453 /*
2454 * Retrieving the net.bpf.peers list must fail, too.
2455 */
2456 memset(mib, 0, sizeof(mib));
2457 len = __arraycount(mib);
2458 if (sysctlnametomib("net.bpf.peers", mib, &len) != 0) e(0);
2459 if (len != 3) e(0);
2460 mib[len++] = sizeof(struct bpf_d_ext);
2461 mib[len++] = INT_MAX;
2462
2463 if (sysctl(mib, len, NULL, &oldlen, NULL, 0) != -1) e(0);
2464 if (errno != EPERM) e(0);
2465
2466 exit(errct);
2467 case -1:
2468 e(0);
2469
2470 break;
2471 default:
2472 break;
2473 }
2474
2475 if (wait(&status) != pid) e(0);
2476 if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) e(0);
2477 }
2478
2479 /*
2480 * Test that traffic directed to loopback addresses be dropped on non-loopback
2481 * interfaces. In particular, inbound traffic to 127.0.0.1 and ::1 should not
2482 * be accepted on any interface that does not own those addresses. This test
2483 * is here because BPF feedback mode is (currently) the only way in which we
2484 * can generate inbound traffic the ethernet level, and even then only as a
2485 * side effect of sending outbound traffic. That is: this test sends the same
2486 * test packets to the local network! As such it must be performed only when
2487 * USENETWORK=yes and therefore at the user's risk.
2488 */
2489 static void
test94l(void)2490 test94l(void)
2491 {
2492 struct sockaddr_in sin;
2493 struct sockaddr_in6 sin6;
2494 struct sockaddr_dl sdl;
2495 struct ifreq ifr;
2496 struct ifaddrs *ifa, *ifp;
2497 struct if_data *ifdata;
2498 uint8_t buf[sizeof(struct ether_header) + MAX(sizeof(struct ip),
2499 sizeof(struct ip6_hdr)) + sizeof(struct udphdr) + 6];
2500 struct ether_header ether;
2501 const uint8_t ether_src[ETHER_ADDR_LEN] =
2502 { 0x02, 0x00, 0x01, 0x12, 0x34, 0x56 };
2503 unsigned int val;
2504 size_t off;
2505 int bfd, sfd;
2506
2507 subtest = 12;
2508
2509 if (!get_setting_use_network())
2510 return;
2511
2512 memset(&ifr, 0, sizeof(ifr));
2513 memset(ðer, 0, sizeof(ether));
2514
2515 /*
2516 * Start by finding a suitable ethernet interface that is up and of
2517 * which the link is not down. Without one, we cannot perform this
2518 * test. Save the interface name and the ethernet address.
2519 */
2520 if (getifaddrs(&ifa) != 0) e(0);
2521
2522 for (ifp = ifa; ifp != NULL; ifp = ifp->ifa_next) {
2523 if (!(ifp->ifa_flags & IFF_UP) || ifp->ifa_addr == NULL ||
2524 ifp->ifa_addr->sa_family != AF_LINK)
2525 continue;
2526
2527 ifdata = (struct if_data *)ifp->ifa_data;
2528 if (ifdata != NULL && ifdata->ifi_type == IFT_ETHER &&
2529 ifdata->ifi_link_state != LINK_STATE_DOWN) {
2530 strlcpy(ifr.ifr_name, ifp->ifa_name,
2531 sizeof(ifr.ifr_name));
2532
2533 memcpy(&sdl, (struct sockaddr_dl *)ifp->ifa_addr,
2534 offsetof(struct sockaddr_dl, sdl_data));
2535 if (sdl.sdl_alen != sizeof(ether.ether_dhost)) e(0);
2536 memcpy(ether.ether_dhost,
2537 ((struct sockaddr_dl *)ifp->ifa_addr)->sdl_data +
2538 sdl.sdl_nlen, sdl.sdl_alen);
2539 break;
2540 }
2541 }
2542
2543 freeifaddrs(ifa);
2544
2545 if (ifp == NULL)
2546 return;
2547
2548 /* Open a BPF device and bind it to the ethernet interface we found. */
2549 if ((bfd = open(_PATH_BPF, O_RDWR)) < 0) e(0);
2550
2551 if (ioctl(bfd, BIOCSETIF, &ifr) != 0) e(0);
2552
2553 if (ioctl(bfd, BIOCGDLT, &val) != 0) e(0);
2554 if (val != DLT_EN10MB) e(0);
2555
2556 val = 1;
2557 if (ioctl(bfd, BIOCSFEEDBACK, &val) != 0) e(0);
2558
2559 /* We use UDP traffic for our test packets, IPv4 first. */
2560 if ((sfd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) e(0);
2561
2562 memset(&sin, 0, sizeof(sin));
2563 sin.sin_family = AF_INET;
2564 sin.sin_port = htons(TEST_PORT_B);
2565 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
2566 if (bind(sfd, (struct sockaddr *)&sin, sizeof(sin)) != 0) e(0);
2567
2568 /*
2569 * Construct and send a packet. We already filled in the ethernet
2570 * destination address. Put in a source address that is locally
2571 * administered but valid (and as such no reason for packet rejection).
2572 */
2573 memcpy(ether.ether_shost, ether_src, sizeof(ether.ether_shost));
2574 ether.ether_type = htons(ETHERTYPE_IP);
2575
2576 memcpy(buf, ðer, sizeof(ether));
2577 off = sizeof(ether);
2578 off += test94_make_pkt(buf + off, 6, 0 /*v6*/);
2579 if (off + 6 > sizeof(buf)) e(0);
2580 memcpy(buf + off, "Hello!", 6);
2581
2582 if (write(bfd, buf, off + 6) != off + 6) e(0);
2583
2584 /* The packet MUST NOT arrive. */
2585 if (recv(sfd, buf, sizeof(buf), MSG_DONTWAIT) != -1) e(0);
2586 if (errno != EWOULDBLOCK) e(0);
2587
2588 if (close(sfd) != 0) e(0);
2589
2590 /* Try the same thing, but now with an IPv6 packet. */
2591 if ((sfd = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) e(0);
2592
2593 memset(&sin6, 0, sizeof(sin6));
2594 sin6.sin6_family = AF_INET6;
2595 sin6.sin6_port = htons(TEST_PORT_B);
2596 memcpy(&sin6.sin6_addr, &in6addr_loopback, sizeof(sin6.sin6_addr));
2597 if (bind(sfd, (struct sockaddr *)&sin6, sizeof(sin6)) != 0) e(0);
2598
2599 ether.ether_type = htons(ETHERTYPE_IPV6);
2600
2601 memcpy(buf, ðer, sizeof(ether));
2602 off = sizeof(ether);
2603 off += test94_make_pkt(buf + off, 6, 1 /*v6*/);
2604 if (off + 6 > sizeof(buf)) e(0);
2605 memcpy(buf + off, "Hello!", 6);
2606
2607 if (write(bfd, buf, off + 6) != off + 6) e(0);
2608
2609 if (recv(sfd, buf, sizeof(buf), MSG_DONTWAIT) != -1) e(0);
2610 if (errno != EWOULDBLOCK) e(0);
2611
2612 if (close(sfd) != 0) e(0);
2613 if (close(bfd) != 0) e(0);
2614 }
2615
2616 /*
2617 * Test program for LWIP BPF.
2618 */
2619 int
main(int argc,char ** argv)2620 main(int argc, char ** argv)
2621 {
2622 int i, m;
2623
2624 start(94);
2625
2626 srand48(time(NULL));
2627
2628 if (argc == 2)
2629 m = atoi(argv[1]);
2630 else
2631 m = 0xFFF;
2632
2633 for (i = 0; i < ITERATIONS; i++) {
2634 if (m & 0x001) test94a();
2635 if (m & 0x002) test94b();
2636 if (m & 0x004) test94c();
2637 if (m & 0x008) test94d();
2638 if (m & 0x010) test94e();
2639 if (m & 0x020) test94f();
2640 if (m & 0x040) test94g();
2641 if (m & 0x080) test94h();
2642 if (m & 0x100) test94i();
2643 if (m & 0x200) test94j();
2644 if (m & 0x400) test94k();
2645 if (m & 0x800) test94l();
2646 }
2647
2648 quit();
2649 /* NOTREACHED */
2650 }
2651