LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
74b31cace5370c14c56029bb92a6b475f8eb7aed
android_packages_modules_Co…/tests/mts/bpf_existence_test.cpp
Maciej Żenczykowski 74b31cace5 bpf_existence_test: add a missed map and program 
Test: TreeHugger, atest bpf_existence_test
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I41c8a3c1764c1542f0d3e68a4713d8984ef58db0
2022-07-19 06:19:31 -07:00

198 lines
7.4 KiB
C++
Raw Blame History

/*
* Copyright 2022 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* bpf_existence_test.cpp - checks that the device has expected BPF programs and maps
*/
#include <cstdint>
#include <set>
#include <string>
#include <android/api-level.h>
#include <android-base/properties.h>
#include <android-modules-utils/sdk_level.h>
#include <bpf/BpfUtils.h>
#include <gtest/gtest.h>
using std::find;
using std::set;
using std::string;
using android::bpf::isAtLeastKernelVersion;
using android::modules::sdklevel::IsAtLeastR;
using android::modules::sdklevel::IsAtLeastS;
using android::modules::sdklevel::IsAtLeastT;
#define PLATFORM "/sys/fs/bpf/"
#define TETHERING "/sys/fs/bpf/tethering/"
#define PRIVATE "/sys/fs/bpf/net_private/"
#define SHARED "/sys/fs/bpf/net_shared/"
#define NETD "/sys/fs/bpf/netd_shared/"
class BpfExistenceTest : public ::testing::Test {
};
// Part of Android R platform, but mainlined in S
static const set<string> PLATFORM_ONLY_IN_R = {
PLATFORM "map_offload_tether_ingress_map",
PLATFORM "map_offload_tether_limit_map",
PLATFORM "map_offload_tether_stats_map",
PLATFORM "prog_offload_schedcls_ingress_tether_ether",
PLATFORM "prog_offload_schedcls_ingress_tether_rawip",
};
// Provided by *current* mainline module for S+ devices
static const set<string> MAINLINE_FOR_S_PLUS = {
TETHERING "map_offload_tether_dev_map",
TETHERING "map_offload_tether_downstream4_map",
TETHERING "map_offload_tether_downstream64_map",
TETHERING "map_offload_tether_downstream6_map",
TETHERING "map_offload_tether_error_map",
TETHERING "map_offload_tether_limit_map",
TETHERING "map_offload_tether_stats_map",
TETHERING "map_offload_tether_upstream4_map",
TETHERING "map_offload_tether_upstream6_map",
TETHERING "map_test_bitmap",
TETHERING "map_test_tether_downstream6_map",
TETHERING "prog_offload_schedcls_tether_downstream4_ether",
TETHERING "prog_offload_schedcls_tether_downstream4_rawip",
TETHERING "prog_offload_schedcls_tether_downstream6_ether",
TETHERING "prog_offload_schedcls_tether_downstream6_rawip",
TETHERING "prog_offload_schedcls_tether_upstream4_ether",
TETHERING "prog_offload_schedcls_tether_upstream4_rawip",
TETHERING "prog_offload_schedcls_tether_upstream6_ether",
TETHERING "prog_offload_schedcls_tether_upstream6_rawip",
};
// Provided by *current* mainline module for S+ devices with 5.10+ kernels
static const set<string> MAINLINE_FOR_S_5_10_PLUS = {
TETHERING "prog_test_xdp_drop_ipv4_udp_ether",
};
// Provided by *current* mainline module for T+ devices
static const set<string> MAINLINE_FOR_T_PLUS = {
SHARED "map_block_blocked_ports_map",
SHARED "map_clatd_clat_egress4_map",
SHARED "map_clatd_clat_ingress6_map",
SHARED "map_dscp_policy_ipv4_dscp_policies_map",
SHARED "map_dscp_policy_ipv4_socket_to_policies_map_A",
SHARED "map_dscp_policy_ipv4_socket_to_policies_map_B",
SHARED "map_dscp_policy_ipv6_dscp_policies_map",
SHARED "map_dscp_policy_ipv6_socket_to_policies_map_A",
SHARED "map_dscp_policy_ipv6_socket_to_policies_map_B",
SHARED "map_dscp_policy_switch_comp_map",
NETD "map_netd_app_uid_stats_map",
NETD "map_netd_configuration_map",
NETD "map_netd_cookie_tag_map",
NETD "map_netd_iface_index_name_map",
NETD "map_netd_iface_stats_map",
NETD "map_netd_stats_map_A",
NETD "map_netd_stats_map_B",
NETD "map_netd_uid_counterset_map",
NETD "map_netd_uid_owner_map",
NETD "map_netd_uid_permission_map",
SHARED "prog_clatd_schedcls_egress4_clat_ether",
SHARED "prog_clatd_schedcls_egress4_clat_rawip",
SHARED "prog_clatd_schedcls_ingress6_clat_ether",
SHARED "prog_clatd_schedcls_ingress6_clat_rawip",
NETD "prog_netd_cgroupskb_egress_stats",
NETD "prog_netd_cgroupskb_ingress_stats",
NETD "prog_netd_cgroupsock_inet_create",
NETD "prog_netd_schedact_ingress_account",
NETD "prog_netd_skfilter_allowlist_xtbpf",
NETD "prog_netd_skfilter_denylist_xtbpf",
NETD "prog_netd_skfilter_egress_xtbpf",
NETD "prog_netd_skfilter_ingress_xtbpf",
};
// Provided by *current* mainline module for T+ devices with 5.4+ kernels
static const set<string> MAINLINE_FOR_T_5_4_PLUS = {
SHARED "prog_block_bind4_block_port",
SHARED "prog_block_bind6_block_port",
};
// Provided by *current* mainline module for T+ devices with 5.15+ kernels
static const set<string> MAINLINE_FOR_T_5_15_PLUS = {
SHARED "prog_dscp_policy_schedcls_set_dscp_ether",
SHARED "prog_dscp_policy_schedcls_set_dscp_raw_ip",
};
void addAll(set<string>* a, const set<string>& b) {
a->insert(b.begin(), b.end());
}
#define DO_EXPECT(B, V) do { \
if (B) addAll(expected, (V)); else addAll(unexpected, (V)); \
} while (0)
void getFileLists(set<string>* expected, set<string>* unexpected) {
unexpected->clear();
expected->clear();
// We do not actually check the platform P/Q (netd) and Q (clatd) things
// and only verify the mainline module relevant R+ offload maps & progs.
//
// The goal of this test is to verify compatibility with the tethering mainline module,
// and not to test the platform itself, which may have been modified by vendor or oems,
// so we should only test for the removal of stuff that was mainline'd,
// and for the presence of mainline stuff.
DO_EXPECT(IsAtLeastR() && !IsAtLeastS(), PLATFORM_ONLY_IN_R);
DO_EXPECT(IsAtLeastS(), MAINLINE_FOR_S_PLUS);
DO_EXPECT(IsAtLeastS() && isAtLeastKernelVersion(5, 10, 0), MAINLINE_FOR_S_5_10_PLUS);
// Nothing added or removed in SCv2.
DO_EXPECT(IsAtLeastT(), MAINLINE_FOR_T_PLUS);
DO_EXPECT(IsAtLeastT() && isAtLeastKernelVersion(5, 4, 0), MAINLINE_FOR_T_5_4_PLUS);
DO_EXPECT(IsAtLeastT() && isAtLeastKernelVersion(5, 15, 0), MAINLINE_FOR_T_5_15_PLUS);
}
void checkFiles() {
set<string> mustExist;
set<string> mustNotExist;
getFileLists(&mustExist, &mustNotExist);
for (const auto& file : mustExist) {
EXPECT_EQ(0, access(file.c_str(), R_OK)) << file << " does not exist";
}
for (const auto& file : mustNotExist) {
int ret = access(file.c_str(), R_OK);
int err = errno;
EXPECT_EQ(-1, ret) << file << " unexpectedly exists";
if (ret == -1) {
EXPECT_EQ(ENOENT, err) << " accessing " << file << " failed with errno " << err;
}
}
}
TEST_F(BpfExistenceTest, TestPrograms) {
SKIP_IF_BPF_NOT_SUPPORTED;
// Pre-flight check to ensure test has been updated.
uint64_t buildVersionSdk = android_get_device_api_level();
ASSERT_NE(0, buildVersionSdk) << "Unable to determine device SDK version";
if (buildVersionSdk > __ANDROID_API_T__ && buildVersionSdk != __ANDROID_API_FUTURE__) {
FAIL() << "Unknown OS version " << buildVersionSdk << ", please update this test";
}
// Only unconfined root is guaranteed to be able to access everything in /sys/fs/bpf.
ASSERT_EQ(0, getuid()) << "This test must run as root.";
checkFiles();
}
Reference in New Issue View Git Blame Copy Permalink