Blame - client/NetdClientTest.cpp - platform/system/netd

blob: 20f601a7c944ef5d08e30acdf7d73035c5f79fe3 [file] [log] [blame]

Luke Huang	63df948	2019-05-25 18:24:03 +0800	[diff] [blame]	1	/*
				2	* Copyright (C) 2019 The Android Open Source Project
				3	*
				4	* Licensed under the Apache License, Version 2.0 (the "License");
				5	* you may not use this file except in compliance with the License.
				6	* You may obtain a copy of the License at
				7	*
				8	* http://www.apache.org/licenses/LICENSE-2.0
				9	*
				10	* Unless required by applicable law or agreed to in writing, software
				11	* distributed under the License is distributed on an "AS IS" BASIS,
				12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	* See the License for the specific language governing permissions and
				14	* limitations under the License.
				15	*/
				16
				17	#include <poll.h> /* poll */
				18	#include <sys/socket.h>
				19
				20	#include <thread>
				21
				22	#include <android-base/parseint.h>
				23	#include <android-base/unique_fd.h>
				24	#include <gtest/gtest.h>
				25
				26	#include "NetdClient.h"
				27	#include "netdclient_priv.h"
				28
				29	namespace {
				30
				31	// Keep in sync with FrameworkListener.cpp (500, "Command not recognized")
				32	constexpr char NOT_SUPPORT_MSG[] = "500 Command not recognized";
				33
Luke Huang	27f6c3d	2020-06-18 04:21:24 +0800	[diff] [blame]	34	int openDnsProxyFuncStub() {
				35	return -1;
				36	};
				37
				38	typedef int (*DnsOpenProxyType)();
				39	typedef int (*SocketFunctionType)(int, int, int);
				40
				41	DnsOpenProxyType openDnsProxyFuncPtr = openDnsProxyFuncStub;
				42	SocketFunctionType socketFuncPtr = socket;
				43
Luke Huang	63df948	2019-05-25 18:24:03 +0800	[diff] [blame]	44	void serverLoop(int dnsProxyFd) {
				45	while (true) {
				46	pollfd fds[1] = {{.fd = dnsProxyFd, .events = POLLIN}};
				47	enum { SERVERFD = 0 };
				48
Luke Huang	76577c6	2019-06-04 01:33:14 +0800	[diff] [blame]	49	int poll_result = TEMP_FAILURE_RETRY(poll(fds, std::size(fds), -1));
				50	ASSERT_GT(poll_result, 0);
Luke Huang	63df948	2019-05-25 18:24:03 +0800	[diff] [blame]	51
Luke Huang	76577c6	2019-06-04 01:33:14 +0800	[diff] [blame]	52	if (fds[SERVERFD].revents & POLLERR) return;
Luke Huang	63df948	2019-05-25 18:24:03 +0800	[diff] [blame]	53	if (fds[SERVERFD].revents & POLLIN) {
				54	char buf[4096];
				55	TEMP_FAILURE_RETRY(read(fds[SERVERFD].fd, &buf, sizeof(buf)));
				56	// TODO: verify command
				57	TEMP_FAILURE_RETRY(write(fds[SERVERFD].fd, NOT_SUPPORT_MSG, sizeof(NOT_SUPPORT_MSG)));
				58	}
				59	}
				60	}
				61
Luke Huang	27f6c3d	2020-06-18 04:21:24 +0800	[diff] [blame]	62	void expectAllowNetworkingForProcess() {
				63	// netdClientSocket
				64	android::base::unique_fd ipv4(socketFuncPtr(AF_INET, SOCK_STREAM \| SOCK_CLOEXEC, 0)),
				65	ipv6(socketFuncPtr(AF_INET6, SOCK_STREAM \| SOCK_CLOEXEC, 0));
				66	EXPECT_LE(3, ipv4);
				67	EXPECT_LE(3, ipv6);
				68
				69	// dns_open_proxy
				70	android::base::unique_fd dnsproxydSocket(openDnsProxyFuncPtr());
				71	EXPECT_LE(3, dnsproxydSocket);
				72	}
				73
				74	void expectNotAllowNetworkingForProcess() {
				75	// netdClientSocket
				76	android::base::unique_fd unixSocket(socketFuncPtr(AF_UNIX, SOCK_STREAM \| SOCK_CLOEXEC, 0));
				77	EXPECT_LE(3, unixSocket);
				78	android::base::unique_fd ipv4(socketFuncPtr(AF_INET, SOCK_STREAM \| SOCK_CLOEXEC, 0));
				79	EXPECT_EQ(-1, ipv4);
				80	EXPECT_EQ(errno, EPERM);
				81	android::base::unique_fd ipv6(socketFuncPtr(AF_INET6, SOCK_STREAM \| SOCK_CLOEXEC, 0));
				82	EXPECT_EQ(-1, ipv6);
				83	EXPECT_EQ(errno, EPERM);
				84
				85	// dns_open_proxy
				86	android::base::unique_fd dnsproxydSocket(openDnsProxyFuncPtr());
				87	EXPECT_EQ(-1, dnsproxydSocket);
				88	EXPECT_EQ(errno, EPERM);
				89	}
				90
Luke Huang	63df948	2019-05-25 18:24:03 +0800	[diff] [blame]	91	} // namespace
				92
				93	TEST(NetdClientTest, getNetworkForDnsInternal) {
				94	// Test invalid fd
				95	unsigned dnsNetId = 0;
				96	const int invalidFd = -1;
				97	EXPECT_EQ(-EBADF, getNetworkForDnsInternal(invalidFd, &dnsNetId));
				98
				99	// Test what the client does if the resolver does not support the "getdnsnetid" command.
				100	android::base::unique_fd clientFd, serverFd;
				101	ASSERT_TRUE(android::base::Socketpair(AF_UNIX, &clientFd, &serverFd));
				102
				103	std::thread serverThread = std::thread(serverLoop, serverFd.get());
				104
				105	EXPECT_EQ(-EOPNOTSUPP, getNetworkForDnsInternal(clientFd.get(), &dnsNetId));
				106
				107	clientFd.reset(); // Causes serverLoop() to exit
				108	serverThread.join();
				109	}
				110
				111	TEST(NetdClientTest, getNetworkForDns) {
				112	// Test null input
				113	unsigned* testNull = nullptr;
				114	EXPECT_EQ(-EFAULT, getNetworkForDns(testNull));
				115	}
Treehugger Robot	1b96665	2020-04-07 05:50:41 +0000	[diff] [blame]	116
				117	TEST(NetdClientTest, protectFromVpnBadFd) {
				118	EXPECT_EQ(-EBADF, protectFromVpn(-1));
				119	}
				120
				121	TEST(NetdClientTest, protectFromVpnUnixStream) {
				122	int s = socket(AF_UNIX, SOCK_STREAM \| SOCK_CLOEXEC, 0);
				123	ASSERT_GE(s, 3);
				124	EXPECT_EQ(-EAFNOSUPPORT, protectFromVpn(s));
				125	close(s);
				126	}
				127
				128	TEST(NetdClientTest, protectFromVpnTcp6) {
				129	int s = socket(AF_INET6, SOCK_STREAM \| SOCK_CLOEXEC, 0);
				130	ASSERT_GE(s, 3);
				131	EXPECT_EQ(0, protectFromVpn(s));
				132	close(s);
				133	}
Luke Huang	27f6c3d	2020-06-18 04:21:24 +0800	[diff] [blame]	134
				135	TEST(NetdClientTest, setAllowNetworkingForProcess) {
				136	netdClientInitDnsOpenProxy(&openDnsProxyFuncPtr);
				137	netdClientInitSocket(&socketFuncPtr);
				138	// At the beginning, we should be able to use socket since the default setting is allowing.
				139	expectAllowNetworkingForProcess();
				140	// Disable
				141	setAllowNetworkingForProcess(false);
				142	expectNotAllowNetworkingForProcess();
				143	// Reset
				144	setAllowNetworkingForProcess(true);
				145	expectAllowNetworkingForProcess();
				146	}