github.com/SagerNet/gvisor@v0.0.0-20210707092255-7731c139d75c/test/packetimpact/tests/udp_icmp_error_propagation_test.go (about) 1 // Copyright 2020 The gVisor Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package udp_icmp_error_propagation_test 16 17 import ( 18 "context" 19 "flag" 20 "fmt" 21 "net" 22 "sync" 23 "testing" 24 "time" 25 26 "golang.org/x/sys/unix" 27 "github.com/SagerNet/gvisor/pkg/tcpip/header" 28 "github.com/SagerNet/gvisor/test/packetimpact/testbench" 29 ) 30 31 func init() { 32 testbench.Initialize(flag.CommandLine) 33 } 34 35 type connectionMode bool 36 37 func (c connectionMode) String() string { 38 if c { 39 return "Connected" 40 } 41 return "Connectionless" 42 } 43 44 type icmpError int 45 46 const ( 47 portUnreachable icmpError = iota 48 timeToLiveExceeded 49 ) 50 51 func (e icmpError) String() string { 52 switch e { 53 case portUnreachable: 54 return "PortUnreachable" 55 case timeToLiveExceeded: 56 return "TimeToLiveExpired" 57 } 58 return "Unknown ICMP error" 59 } 60 61 func (e icmpError) ToICMPv4(payload []byte) *testbench.ICMPv4 { 62 switch e { 63 case portUnreachable: 64 return &testbench.ICMPv4{ 65 Type: testbench.ICMPv4Type(header.ICMPv4DstUnreachable), 66 Code: testbench.ICMPv4Code(header.ICMPv4PortUnreachable), 67 Payload: payload, 68 } 69 case timeToLiveExceeded: 70 return &testbench.ICMPv4{ 71 Type: testbench.ICMPv4Type(header.ICMPv4TimeExceeded), 72 Code: testbench.ICMPv4Code(header.ICMPv4TTLExceeded), 73 Payload: payload, 74 } 75 } 76 return nil 77 } 78 79 type errorDetection struct { 80 name string 81 useValidConn bool 82 f func(context.Context, *testing.T, testData) 83 } 84 85 type testData struct { 86 dut *testbench.DUT 87 conn *testbench.UDPIPv4 88 remoteFD int32 89 remotePort uint16 90 cleanFD int32 91 cleanPort uint16 92 wantErrno unix.Errno 93 } 94 95 // wantErrno computes the errno to expect given the connection mode of a UDP 96 // socket and the ICMP error it will receive. 97 func wantErrno(c connectionMode, icmpErr icmpError) unix.Errno { 98 if c && icmpErr == portUnreachable { 99 return unix.ECONNREFUSED 100 } 101 return unix.Errno(0) 102 } 103 104 // sendICMPError sends an ICMP error message in response to a UDP datagram. 105 func sendICMPError(t *testing.T, conn *testbench.UDPIPv4, icmpErr icmpError, udp *testbench.UDP) { 106 t.Helper() 107 108 ip, ok := udp.Prev().(*testbench.IPv4) 109 if !ok { 110 t.Fatalf("expected %s to be IPv4", udp.Prev()) 111 } 112 if icmpErr == timeToLiveExceeded { 113 *ip.TTL = 1 114 // Let serialization recalculate the checksum since we set the TTL 115 // to 1. 116 ip.Checksum = nil 117 } 118 119 icmpPayload := testbench.Layers{ip, udp} 120 bytes, err := icmpPayload.ToBytes() 121 if err != nil { 122 t.Fatalf("got icmpPayload.ToBytes() = (_, %s), want = (_, nil)", err) 123 } 124 125 layers := conn.CreateFrame(t, nil) 126 layers[len(layers)-1] = icmpErr.ToICMPv4(bytes) 127 conn.SendFrameStateless(t, layers) 128 } 129 130 // testRecv tests observing the ICMP error through the recv unix. A packet 131 // is sent to the DUT, and if wantErrno is non-zero, then the first recv should 132 // fail and the second should succeed. Otherwise if wantErrno is zero then the 133 // first recv should succeed immediately. 134 func testRecv(ctx context.Context, t *testing.T, d testData) { 135 t.Helper() 136 137 // Check that receiving on the clean socket works. 138 d.conn.Send(t, testbench.UDP{DstPort: &d.cleanPort}) 139 d.dut.Recv(t, d.cleanFD, 100, 0) 140 141 d.conn.Send(t, testbench.UDP{}) 142 143 if d.wantErrno != unix.Errno(0) { 144 ret, _, err := d.dut.RecvWithErrno(ctx, t, d.remoteFD, 100, 0) 145 if ret != -1 { 146 t.Fatalf("recv after ICMP error succeeded unexpectedly, expected (%[1]d) %[1]v", d.wantErrno) 147 } 148 if err != d.wantErrno { 149 t.Fatalf("recv after ICMP error resulted in error (%[1]d) %[1]v, expected (%[2]d) %[2]v", err, d.wantErrno) 150 } 151 } 152 153 d.dut.Recv(t, d.remoteFD, 100, 0) 154 } 155 156 // testSendTo tests observing the ICMP error through the send syscall. If 157 // wantErrno is non-zero, the first send should fail and a subsequent send 158 // should suceed; while if wantErrno is zero then the first send should just 159 // succeed. 160 func testSendTo(ctx context.Context, t *testing.T, d testData) { 161 // Check that sending on the clean socket works. 162 d.dut.SendTo(t, d.cleanFD, nil, 0, d.conn.LocalAddr(t)) 163 if _, err := d.conn.Expect(t, testbench.UDP{SrcPort: &d.cleanPort}, time.Second); err != nil { 164 t.Fatalf("did not receive UDP packet from clean socket on DUT: %s", err) 165 } 166 167 if d.wantErrno != unix.Errno(0) { 168 ret, err := d.dut.SendToWithErrno(ctx, t, d.remoteFD, nil, 0, d.conn.LocalAddr(t)) 169 170 if ret != -1 { 171 t.Fatalf("sendto after ICMP error succeeded unexpectedly, expected (%[1]d) %[1]v", d.wantErrno) 172 } 173 if err != d.wantErrno { 174 t.Fatalf("sendto after ICMP error resulted in error (%[1]d) %[1]v, expected (%[2]d) %[2]v", err, d.wantErrno) 175 } 176 } 177 178 d.dut.SendTo(t, d.remoteFD, nil, 0, d.conn.LocalAddr(t)) 179 if _, err := d.conn.Expect(t, testbench.UDP{}, time.Second); err != nil { 180 t.Fatalf("did not receive UDP packet as expected: %s", err) 181 } 182 } 183 184 func testSockOpt(_ context.Context, t *testing.T, d testData) { 185 // Check that there's no pending error on the clean socket. 186 if errno := unix.Errno(d.dut.GetSockOptInt(t, d.cleanFD, unix.SOL_SOCKET, unix.SO_ERROR)); errno != unix.Errno(0) { 187 t.Fatalf("unexpected error (%[1]d) %[1]v on clean socket", errno) 188 } 189 190 if errno := unix.Errno(d.dut.GetSockOptInt(t, d.remoteFD, unix.SOL_SOCKET, unix.SO_ERROR)); errno != d.wantErrno { 191 t.Fatalf("SO_ERROR sockopt after ICMP error is (%[1]d) %[1]v, expected (%[2]d) %[2]v", errno, d.wantErrno) 192 } 193 194 // Check that after clearing socket error, sending doesn't fail. 195 d.dut.SendTo(t, d.remoteFD, nil, 0, d.conn.LocalAddr(t)) 196 if _, err := d.conn.Expect(t, testbench.UDP{}, time.Second); err != nil { 197 t.Fatalf("did not receive UDP packet as expected: %s", err) 198 } 199 } 200 201 // TestUDPICMPErrorPropagation tests that ICMP error messages in response to 202 // UDP datagrams are processed correctly. RFC 1122 section 4.1.3.3 states that: 203 // "UDP MUST pass to the application layer all ICMP error messages that it 204 // receives from the IP layer." 205 // 206 // The test cases are parametrized in 3 dimensions: 1. the UDP socket is either 207 // put into connection mode or left connectionless, 2. the ICMP message type 208 // and code, and 3. the method by which the ICMP error is observed on the 209 // socket: sendto, recv, or getsockopt(SO_ERROR). 210 // 211 // Linux's udp(7) man page states: "All fatal errors will be passed to the user 212 // as an error return even when the socket is not connected. This includes 213 // asynchronous errors received from the network." In practice, the only 214 // combination of parameters to the test that causes an error to be observable 215 // on the UDP socket is receiving a port unreachable message on a connected 216 // socket. 217 func TestUDPICMPErrorPropagation(t *testing.T) { 218 for _, connect := range []connectionMode{true, false} { 219 for _, icmpErr := range []icmpError{portUnreachable, timeToLiveExceeded} { 220 wantErrno := wantErrno(connect, icmpErr) 221 222 for _, errDetect := range []errorDetection{ 223 {"SendTo", false, testSendTo}, 224 // Send to an address that's different from the one that caused an ICMP 225 // error to be returned. 226 {"SendToValid", true, testSendTo}, 227 {"Recv", false, testRecv}, 228 {"SockOpt", false, testSockOpt}, 229 } { 230 t.Run(fmt.Sprintf("%s/%s/%s", connect, icmpErr, errDetect.name), func(t *testing.T) { 231 dut := testbench.NewDUT(t) 232 233 remoteFD, remotePort := dut.CreateBoundSocket(t, unix.SOCK_DGRAM, unix.IPPROTO_UDP, net.IPv4zero) 234 defer dut.Close(t, remoteFD) 235 236 // Create a second, clean socket on the DUT to ensure that the ICMP 237 // error messages only affect the sockets they are intended for. 238 cleanFD, cleanPort := dut.CreateBoundSocket(t, unix.SOCK_DGRAM, unix.IPPROTO_UDP, net.IPv4zero) 239 defer dut.Close(t, cleanFD) 240 241 conn := dut.Net.NewUDPIPv4(t, testbench.UDP{DstPort: &remotePort}, testbench.UDP{SrcPort: &remotePort}) 242 defer conn.Close(t) 243 244 if connect { 245 dut.Connect(t, remoteFD, conn.LocalAddr(t)) 246 dut.Connect(t, cleanFD, conn.LocalAddr(t)) 247 } 248 249 dut.SendTo(t, remoteFD, nil, 0, conn.LocalAddr(t)) 250 udp, err := conn.Expect(t, testbench.UDP{}, time.Second) 251 if err != nil { 252 t.Fatalf("did not receive message from DUT: %s", err) 253 } 254 255 sendICMPError(t, &conn, icmpErr, udp) 256 257 errDetectConn := &conn 258 if errDetect.useValidConn { 259 // connClean is a UDP socket on the test runner that was not 260 // involved in the generation of the ICMP error. As such, 261 // interactions between it and the the DUT should be independent of 262 // the ICMP error at least at the port level. 263 connClean := dut.Net.NewUDPIPv4(t, testbench.UDP{DstPort: &remotePort}, testbench.UDP{SrcPort: &remotePort}) 264 defer connClean.Close(t) 265 266 errDetectConn = &connClean 267 } 268 269 errDetect.f(context.Background(), t, testData{&dut, errDetectConn, remoteFD, remotePort, cleanFD, cleanPort, wantErrno}) 270 }) 271 } 272 } 273 } 274 } 275 276 // TestICMPErrorDuringUDPRecv tests behavior when a UDP socket is in the middle 277 // of a blocking recv and receives an ICMP error. 278 func TestICMPErrorDuringUDPRecv(t *testing.T) { 279 for _, connect := range []connectionMode{true, false} { 280 for _, icmpErr := range []icmpError{portUnreachable, timeToLiveExceeded} { 281 wantErrno := wantErrno(connect, icmpErr) 282 283 t.Run(fmt.Sprintf("%s/%s", connect, icmpErr), func(t *testing.T) { 284 dut := testbench.NewDUT(t) 285 286 remoteFD, remotePort := dut.CreateBoundSocket(t, unix.SOCK_DGRAM, unix.IPPROTO_UDP, net.IPv4zero) 287 defer dut.Close(t, remoteFD) 288 289 // Create a second, clean socket on the DUT to ensure that the ICMP 290 // error messages only affect the sockets they are intended for. 291 cleanFD, cleanPort := dut.CreateBoundSocket(t, unix.SOCK_DGRAM, unix.IPPROTO_UDP, net.IPv4zero) 292 defer dut.Close(t, cleanFD) 293 294 conn := dut.Net.NewUDPIPv4(t, testbench.UDP{DstPort: &remotePort}, testbench.UDP{SrcPort: &remotePort}) 295 defer conn.Close(t) 296 297 if connect { 298 dut.Connect(t, remoteFD, conn.LocalAddr(t)) 299 dut.Connect(t, cleanFD, conn.LocalAddr(t)) 300 } 301 302 dut.SendTo(t, remoteFD, nil, 0, conn.LocalAddr(t)) 303 udp, err := conn.Expect(t, testbench.UDP{}, time.Second) 304 if err != nil { 305 t.Fatalf("did not receive message from DUT: %s", err) 306 } 307 308 var wg sync.WaitGroup 309 wg.Add(2) 310 go func() { 311 defer wg.Done() 312 313 if wantErrno != unix.Errno(0) { 314 ret, _, err := dut.RecvWithErrno(context.Background(), t, remoteFD, 100, 0) 315 if ret != -1 { 316 t.Errorf("recv during ICMP error succeeded unexpectedly, expected (%[1]d) %[1]v", wantErrno) 317 return 318 } 319 if err != wantErrno { 320 t.Errorf("recv during ICMP error resulted in error (%[1]d) %[1]v, expected (%[2]d) %[2]v", err, wantErrno) 321 return 322 } 323 } 324 325 if ret, _, err := dut.RecvWithErrno(context.Background(), t, remoteFD, 100, 0); ret == -1 { 326 t.Errorf("recv after ICMP error failed with (%[1]d) %[1]", err) 327 } 328 }() 329 330 go func() { 331 defer wg.Done() 332 333 if ret, _, err := dut.RecvWithErrno(context.Background(), t, cleanFD, 100, 0); ret == -1 { 334 t.Errorf("recv on clean socket failed with (%[1]d) %[1]", err) 335 } 336 }() 337 338 // TODO(b/155684889) This sleep is to allow time for the DUT to 339 // actually call recv since we want the ICMP error to arrive during the 340 // blocking recv, and should be replaced when a better synchronization 341 // alternative is available. 342 time.Sleep(2 * time.Second) 343 344 sendICMPError(t, &conn, icmpErr, udp) 345 346 conn.Send(t, testbench.UDP{DstPort: &cleanPort}) 347 conn.Send(t, testbench.UDP{}) 348 wg.Wait() 349 }) 350 } 351 } 352 }