1// SPDX-License-Identifier: GPL-2.0
2/* Test IPV6_FLOWINFO_MGR */
3
4#define _GNU_SOURCE
5
6#include <arpa/inet.h>
7#include <error.h>
8#include <errno.h>
9#include <limits.h>
10#include <linux/in6.h>
11#include <stdbool.h>
12#include <stdio.h>
13#include <stdint.h>
14#include <stdlib.h>
15#include <string.h>
16#include <sys/socket.h>
17#include <sys/stat.h>
18#include <sys/time.h>
19#include <sys/types.h>
20#include <sys/wait.h>
21#include <unistd.h>
22
23/* uapi/glibc weirdness may leave this undefined */
24#ifndef IPV6_FLOWLABEL_MGR
25#define IPV6_FLOWLABEL_MGR 32
26#endif
27
28/* from net/ipv6/ip6_flowlabel.c */
29#define FL_MIN_LINGER 6
30
31#define explain(x) \
32 do { if (cfg_verbose) fprintf(stderr, " " x "\n"); } while (0)
33
34#define __expect(x) \
35 do { \
36 if (!(x)) \
37 fprintf(stderr, "[OK] " #x "\n"); \
38 else \
39 error(1, 0, "[ERR] " #x " (line %d)", __LINE__); \
40 } while (0)
41
42#define expect_pass(x) __expect(x)
43#define expect_fail(x) __expect(!(x))
44
45static bool cfg_long_running;
46static bool cfg_verbose;
47
48static int flowlabel_get(int fd, uint32_t label, uint8_t share, uint16_t flags)
49{
50 struct in6_flowlabel_req req = {
51 .flr_action = IPV6_FL_A_GET,
52 .flr_label = htonl(label),
53 .flr_flags = flags,
54 .flr_share = share,
55 };
56
57 /* do not pass IPV6_ADDR_ANY or IPV6_ADDR_MAPPED */
58 req.flr_dst.s6_addr[0] = 0xfd;
59 req.flr_dst.s6_addr[15] = 0x1;
60
61 return setsockopt(fd, SOL_IPV6, IPV6_FLOWLABEL_MGR, &req, sizeof(req));
62}
63
64static int flowlabel_put(int fd, uint32_t label)
65{
66 struct in6_flowlabel_req req = {
67 .flr_action = IPV6_FL_A_PUT,
68 .flr_label = htonl(label),
69 };
70
71 return setsockopt(fd, SOL_IPV6, IPV6_FLOWLABEL_MGR, &req, sizeof(req));
72}
73
74static void run_tests(int fd)
75{
76 int wstatus;
77 pid_t pid;
78
79 explain("cannot get non-existent label");
80 expect_fail(flowlabel_get(fd, 1, IPV6_FL_S_ANY, 0));
81
82 explain("cannot put non-existent label");
83 expect_fail(flowlabel_put(fd, 1));
84
85 explain("cannot create label greater than 20 bits");
86 expect_fail(flowlabel_get(fd, 0x1FFFFF, IPV6_FL_S_ANY,
87 IPV6_FL_F_CREATE));
88
89 explain("create a new label (FL_F_CREATE)");
90 expect_pass(flowlabel_get(fd, 1, IPV6_FL_S_ANY, IPV6_FL_F_CREATE));
91 explain("can get the label (without FL_F_CREATE)");
92 expect_pass(flowlabel_get(fd, 1, IPV6_FL_S_ANY, 0));
93 explain("can get it again with create flag set, too");
94 expect_pass(flowlabel_get(fd, 1, IPV6_FL_S_ANY, IPV6_FL_F_CREATE));
95 explain("cannot get it again with the exclusive (FL_FL_EXCL) flag");
96 expect_fail(flowlabel_get(fd, 1, IPV6_FL_S_ANY,
97 IPV6_FL_F_CREATE | IPV6_FL_F_EXCL));
98 explain("can now put exactly three references");
99 expect_pass(flowlabel_put(fd, 1));
100 expect_pass(flowlabel_put(fd, 1));
101 expect_pass(flowlabel_put(fd, 1));
102 expect_fail(flowlabel_put(fd, 1));
103
104 explain("create a new exclusive label (FL_S_EXCL)");
105 expect_pass(flowlabel_get(fd, 2, IPV6_FL_S_EXCL, IPV6_FL_F_CREATE));
106 explain("cannot get it again in non-exclusive mode");
107 expect_fail(flowlabel_get(fd, 2, IPV6_FL_S_ANY, IPV6_FL_F_CREATE));
108 explain("cannot get it again in exclusive mode either");
109 expect_fail(flowlabel_get(fd, 2, IPV6_FL_S_EXCL, IPV6_FL_F_CREATE));
110 expect_pass(flowlabel_put(fd, 2));
111
112 if (cfg_long_running) {
113 explain("cannot reuse the label, due to linger");
114 expect_fail(flowlabel_get(fd, 2, IPV6_FL_S_ANY,
115 IPV6_FL_F_CREATE));
116 explain("after sleep, can reuse");
117 sleep(FL_MIN_LINGER * 2 + 1);
118 expect_pass(flowlabel_get(fd, 2, IPV6_FL_S_ANY,
119 IPV6_FL_F_CREATE));
120 }
121
122 explain("create a new user-private label (FL_S_USER)");
123 expect_pass(flowlabel_get(fd, 3, IPV6_FL_S_USER, IPV6_FL_F_CREATE));
124 explain("cannot get it again in non-exclusive mode");
125 expect_fail(flowlabel_get(fd, 3, IPV6_FL_S_ANY, 0));
126 explain("cannot get it again in exclusive mode");
127 expect_fail(flowlabel_get(fd, 3, IPV6_FL_S_EXCL, 0));
128 explain("can get it again in user mode");
129 expect_pass(flowlabel_get(fd, 3, IPV6_FL_S_USER, 0));
130 explain("child process can get it too, but not after setuid(nobody)");
131 pid = fork();
132 if (pid == -1)
133 error(1, errno, "fork");
134 if (!pid) {
135 expect_pass(flowlabel_get(fd, 3, IPV6_FL_S_USER, 0));
136 if (setuid(USHRT_MAX))
137 fprintf(stderr, "[INFO] skip setuid child test\n");
138 else
139 expect_fail(flowlabel_get(fd, 3, IPV6_FL_S_USER, 0));
140 exit(0);
141 }
142 if (wait(&wstatus) == -1)
143 error(1, errno, "wait");
144 if (!WIFEXITED(wstatus) || WEXITSTATUS(wstatus) != 0)
145 error(1, errno, "wait: unexpected child result");
146
147 explain("create a new process-private label (FL_S_PROCESS)");
148 expect_pass(flowlabel_get(fd, 4, IPV6_FL_S_PROCESS, IPV6_FL_F_CREATE));
149 explain("can get it again");
150 expect_pass(flowlabel_get(fd, 4, IPV6_FL_S_PROCESS, 0));
151 explain("child process cannot can get it");
152 pid = fork();
153 if (pid == -1)
154 error(1, errno, "fork");
155 if (!pid) {
156 expect_fail(flowlabel_get(fd, 4, IPV6_FL_S_PROCESS, 0));
157 exit(0);
158 }
159 if (wait(&wstatus) == -1)
160 error(1, errno, "wait");
161 if (!WIFEXITED(wstatus) || WEXITSTATUS(wstatus) != 0)
162 error(1, errno, "wait: unexpected child result");
163}
164
165static void parse_opts(int argc, char **argv)
166{
167 int c;
168
169 while ((c = getopt(argc, argv, "lv")) != -1) {
170 switch (c) {
171 case 'l':
172 cfg_long_running = true;
173 break;
174 case 'v':
175 cfg_verbose = true;
176 break;
177 default:
178 error(1, 0, "%s: parse error", argv[0]);
179 }
180 }
181}
182
183int main(int argc, char **argv)
184{
185 int fd;
186
187 parse_opts(argc, argv);
188
189 fd = socket(PF_INET6, SOCK_DGRAM, 0);
190 if (fd == -1)
191 error(1, errno, "socket");
192
193 run_tests(fd);
194
195 if (close(fd))
196 error(1, errno, "close");
197
198 return 0;
199}
200

source code of linux/tools/testing/selftests/net/ipv6_flowlabel_mgr.c