Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / a73576568ec540edc247f9bb7ef80f0301d8b71b^! / . / server / IptablesRestoreControllerTest.cpp
commita73576568ec540edc247f9bb7ef80f0301d8b71b[log] [tgz]
authorLorenzo Colitti <lorenzo@google.com>Tue Apr 25 00:16:36 2017 +0900
committerLorenzo Colitti <lorenzo@google.com>Tue Apr 25 16:20:54 2017 +0900
tree1c28db7c558dc50c47e6fcb8cd60d64ab95ec022
parent018e4a94bd38c09dc8d5cb678ec114de32203fa2 [diff] [blame]
Use IptablesRestoreController for UID rule updates.

Bug: 32073253
Test: netd_{unit,integration}_test passes
Test: bullhead builds, boots
Test: fw_powersave chain correctly updated when updating battery optimization whitelist
Test: fw_powersave chain correctly updated when bringing apps into foreground
Change-Id: I964b7664718f353057047c66e69351169b5cf453

diff --git a/server/IptablesRestoreControllerTest.cpp b/server/IptablesRestoreControllerTest.cpp
index 515dee6..43041ec 100644
--- a/server/IptablesRestoreControllerTest.cpp
+++ b/server/IptablesRestoreControllerTest.cpp

@@ -29,6 +29,7 @@
 
 #include "IptablesRestoreController.h"
 #include "NetdConstants.h"
+#include "Stopwatch.h"
 
 #define XT_LOCK_NAME "/system/etc/xtables.lock"
 #define XT_LOCK_ATTEMPTS 10
@@ -239,3 +240,33 @@
   EXPECT_EQ(0, con.execute(IptablesTarget::V4V6, commandString, &output));
   EXPECT_EQ(expected, output);
 }
+
+TEST_F(IptablesRestoreControllerTest, TestUidRuleBenchmark) {
+    const std::vector<int> ITERATIONS = { 1, 5, 10 };
+
+    const std::string IPTABLES_RESTORE_ADD =
+            "*filter\n-I fw_powersave -m owner --uid-owner 2000000000 -j RETURN\nCOMMIT\n";
+    const std::string IPTABLES_RESTORE_DEL =
+            "*filter\n-D fw_powersave -m owner --uid-owner 2000000000 -j RETURN\nCOMMIT\n";
+
+    for (const int iterations : ITERATIONS) {
+        Stopwatch s;
+        for (int i = 0; i < iterations; i++) {
+            EXPECT_EQ(0, con.execute(V4V6, IPTABLES_RESTORE_ADD, nullptr));
+            EXPECT_EQ(0, con.execute(V4V6, IPTABLES_RESTORE_DEL, nullptr));
+        }
+        float timeTaken = s.getTimeAndReset();
+        fprintf(stderr, "    Add/del %d UID rules via restore: %.1fms (%.2fms per operation)\n",
+                iterations, timeTaken, timeTaken / 2 / iterations);
+
+        for (int i = 0; i < iterations; i++) {
+            EXPECT_EQ(0, execIptables(V4V6, "-I", "fw_powersave", "-m", "owner",
+                                      "--uid-owner", "2000000000", "-j", "RETURN", nullptr));
+            EXPECT_EQ(0, execIptables(V4V6, "-D", "fw_powersave", "-m", "owner",
+                                      "--uid-owner", "2000000000", "-j", "RETURN", nullptr));
+        }
+        timeTaken = s.getTimeAndReset();
+        fprintf(stderr, "    Add/del %d UID rules via iptables: %.1fms (%.2fms per operation)\n",
+                iterations, timeTaken, timeTaken / 2 / iterations);
+    }
+}