routes_common/
common.rs

1// Copyright 2024 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use fidl::endpoints::ProtocolMarker;
6use fidl_fuchsia_net_routes_ext::admin::FidlRouteAdminIpExt;
7use fidl_fuchsia_net_routes_ext::rules::{FidlRuleAdminIpExt, RuleIndex};
8use fidl_fuchsia_net_routes_ext::{self as fnet_routes_ext, FidlRouteIpExt};
9use net_types::SpecifiedAddr;
10use net_types::ip::{Ip, Subnet};
11use netstack_testing_common::realms::{Netstack, TestSandboxExt as _};
12use {
13    fidl_fuchsia_net_interfaces_ext as fnet_interfaces_ext,
14    fidl_fuchsia_net_matchers_ext as fnet_matchers_ext, fidl_fuchsia_net_routes as fnet_routes,
15};
16
17/// Common test setup that can be shared by all routes tests.
18pub struct TestSetup<'a, I: Ip + FidlRouteIpExt + FidlRouteAdminIpExt> {
19    pub realm: netemul::TestRealm<'a>,
20    pub network: netemul::TestNetwork<'a>,
21    pub interface: netemul::TestInterface<'a>,
22    pub route_table: <I::RouteTableMarker as ProtocolMarker>::Proxy,
23    pub global_route_table: <I::GlobalRouteTableMarker as ProtocolMarker>::Proxy,
24    pub state: <I::StateMarker as ProtocolMarker>::Proxy,
25}
26
27impl<'a, I: Ip + FidlRouteIpExt + FidlRouteAdminIpExt> TestSetup<'a, I> {
28    /// Creates a new test setup.
29    pub async fn new<N: Netstack>(
30        sandbox: &'a netemul::TestSandbox,
31        name: &str,
32    ) -> TestSetup<'a, I> {
33        let realm = sandbox
34            .create_netstack_realm::<N, _>(format!("routes-admin-{name}"))
35            .expect("create realm");
36        let network =
37            sandbox.create_network(format!("routes-admin-{name}")).await.expect("create network");
38        let interface = realm.join_network(&network, "ep1").await.expect("join network");
39        let route_table = realm
40            .connect_to_protocol::<I::RouteTableMarker>()
41            .expect("connect to routes-admin RouteTable");
42        let global_route_table = realm
43            .connect_to_protocol::<I::GlobalRouteTableMarker>()
44            .expect("connect to global route set provider");
45
46        let state = realm.connect_to_protocol::<I::StateMarker>().expect("connect to routes State");
47        TestSetup { realm, network, interface, route_table, global_route_table, state }
48    }
49}
50
51/// A route for testing.
52pub fn test_route<I: Ip>(
53    interface: &netemul::TestInterface<'_>,
54    metric: fnet_routes::SpecifiedMetric,
55) -> fnet_routes_ext::Route<I> {
56    let destination = I::map_ip(
57        (),
58        |()| net_declare::net_subnet_v4!("192.0.2.0/24"),
59        |()| net_declare::net_subnet_v6!("2001:DB8::/64"),
60    );
61    let next_hop_addr = I::map_ip(
62        (),
63        |()| net_declare::net_ip_v4!("192.0.2.1"),
64        |()| net_declare::net_ip_v6!("2001:DB8::1"),
65    );
66
67    fnet_routes_ext::Route {
68        destination,
69        action: fnet_routes_ext::RouteAction::Forward(fnet_routes_ext::RouteTarget {
70            outbound_interface: interface.id(),
71            next_hop: Some(SpecifiedAddr::new(next_hop_addr).expect("is specified")),
72        }),
73        properties: fnet_routes_ext::RouteProperties {
74            specified_properties: fnet_routes_ext::SpecifiedRouteProperties { metric },
75        },
76    }
77}
78
79/// Possible mark matcher settings for a rule.
80pub enum MarkMatcher {
81    /// The matcher is not present, it does not match on the marks.
82    DontMatch,
83    /// The matcher only matches when the mark is not present.
84    MatchUnmarked,
85    /// The matcher only matches when the mark is set to the given number.
86    MatchMarked(u32),
87}
88
89impl From<MarkMatcher> for Option<fnet_matchers_ext::Mark> {
90    fn from(value: MarkMatcher) -> Self {
91        match value {
92            MarkMatcher::DontMatch => None,
93            MarkMatcher::MatchUnmarked => Some(fnet_matchers_ext::Mark::Unmarked),
94            MarkMatcher::MatchMarked(m) => {
95                Some(fnet_matchers_ext::Mark::Marked { mask: !0, between: m..=m, invert: false })
96            }
97        }
98    }
99}
100
101// Creates a new route table that has a default route using the given
102// `interface`; Also installs a rule that matches on the given `mark`
103// to lookup the created route table.
104pub async fn add_default_route_for_mark<
105    I: FidlRouteAdminIpExt + FidlRuleAdminIpExt + FidlRouteIpExt,
106>(
107    route_table_provider: &<I::RouteTableProviderMarker as ProtocolMarker>::Proxy,
108    rule_set: &<I::RuleSetMarker as ProtocolMarker>::Proxy,
109    interface: &netemul::TestInterface<'_>,
110    next_hop: Option<SpecifiedAddr<I::Addr>>,
111    index: u32,
112    mark_1: MarkMatcher,
113    mark_2: MarkMatcher,
114) -> <I::RouteSetMarker as ProtocolMarker>::Proxy {
115    let route_table = fnet_routes_ext::admin::new_route_table::<I>(route_table_provider, None)
116        .expect("new route table");
117    let route_set =
118        fnet_routes_ext::admin::new_route_set::<I>(&route_table).expect("new route set");
119    let route_to_add = fnet_routes_ext::Route {
120        destination: Subnet::new(I::UNSPECIFIED_ADDRESS, 0).expect("subnet"),
121        action: fnet_routes_ext::RouteAction::Forward(fnet_routes_ext::RouteTarget::<I> {
122            outbound_interface: interface.id(),
123            next_hop,
124        }),
125        properties: fnet_routes_ext::RouteProperties {
126            specified_properties: fnet_routes_ext::SpecifiedRouteProperties {
127                metric: fnet_routes::SpecifiedMetric::InheritedFromInterface(fnet_routes::Empty),
128            },
129        },
130    };
131    let grant = interface.get_authorization().await.expect("getting grant should succeed");
132    let proof = fnet_interfaces_ext::admin::proof_from_grant(&grant);
133    fnet_routes_ext::admin::authenticate_for_interface::<I>(&route_set, proof)
134        .await
135        .expect("no FIDL error")
136        .expect("authentication should succeed");
137    assert!(
138        fnet_routes_ext::admin::add_route::<I>(
139            &route_set,
140            &route_to_add.try_into().expect("convert to FIDL")
141        )
142        .await
143        .expect("fidl")
144        .expect("add route")
145    );
146    fnet_routes_ext::admin::detach_route_table::<I>(&route_table).await.expect("fidl error");
147
148    let table_id =
149        fnet_routes_ext::admin::get_table_id::<I>(&route_table).await.expect("fidl error");
150
151    let auth = fnet_routes_ext::admin::get_authorization_for_route_table::<I>(&route_table)
152        .await
153        .expect("fidl error");
154    fnet_routes_ext::rules::authenticate_for_route_table::<I>(&rule_set, auth.table_id, auth.token)
155        .await
156        .expect("fidl error")
157        .expect("authentication error");
158    fnet_routes_ext::rules::add_rule::<I>(
159        &rule_set,
160        RuleIndex::new(index),
161        fnet_routes_ext::rules::RuleMatcher {
162            mark_1: mark_1.into(),
163            mark_2: mark_2.into(),
164            ..Default::default()
165        },
166        fnet_routes_ext::rules::RuleAction::Lookup(table_id),
167    )
168    .await
169    .expect("fidl")
170    .expect("add rule");
171
172    route_set
173}
routes_common/common.rs

routes_common/
common.rs
