xref: /aosp_15_r20/kernel/tests/net/test/kernel_feature_test.py (revision 2f2c4c7ab4226c71756b9c31670392fdd6887c4f) 
1#!/usr/bin/python3
2#
3# Copyright 2016 The Android Open Source Project
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17import errno
18import gzip
19import os
20from socket import *  # pylint: disable=wildcard-import,g-importing-member
21import unittest
22
23import gki
24import net_test
25
26
27class KernelFeatureTest(net_test.NetworkTest):
28  KCONFIG = None
29  AID_NET_RAW = 3004
30
31  @classmethod
32  def getKernelConfigFile(cls):
33    try:
34      return gzip.open("/proc/config.gz", mode="rt")
35    except FileNotFoundError:
36      return open("/boot/config-" + os.uname()[2], mode="rt")
37
38  @classmethod
39  def loadKernelConfig(cls):
40    cls.KCONFIG = {}
41    with cls.getKernelConfigFile() as f:
42      for line in f:
43        line = line.strip()
44        parts = line.split("=")
45        if (len(parts) == 2):
46          # Lines of the form:
47          # CONFIG_FOO=y
48          cls.KCONFIG[parts[0]] = parts[1]
49
50  @classmethod
51  def setUpClass(cls):
52    super(net_test.NetworkTest, cls).setUpClass()
53    cls.loadKernelConfig()
54
55  def assertFeatureAbsent(self, feature_name):
56    return self.assertNotIn(feature_name, self.KCONFIG)
57
58  def assertFeatureBuiltIn(self, feature_name):
59    return self.assertEqual("y", self.KCONFIG[feature_name])
60
61  def assertFeatureModular(self, feature_name):
62    return self.assertEqual("m", self.KCONFIG[feature_name])
63
64  def assertFeatureEnabled(self, feature_name):
65    return self.assertIn(self.KCONFIG[feature_name], ["m", "y"])
66
67  def testNetfilterRejectEnabled(self):
68    """Verify that CONFIG_IP{,6}_NF_{FILTER,TARGET_REJECT} is enabled."""
69    self.assertFeatureBuiltIn("CONFIG_IP_NF_FILTER")
70    self.assertFeatureBuiltIn("CONFIG_IP_NF_TARGET_REJECT")
71
72    self.assertFeatureBuiltIn("CONFIG_IP6_NF_FILTER")
73    self.assertFeatureBuiltIn("CONFIG_IP6_NF_TARGET_REJECT")
74
75  def testRemovedAndroidParanoidNetwork(self):
76    """Verify that ANDROID_PARANOID_NETWORK is gone.
77
78       On a 4.14-q kernel you can achieve this by simply
79       changing the ANDROID_PARANOID_NETWORK default y to n
80       in your kernel source code in net/Kconfig:
81
82       @@ -94,3 +94,3 @@ endif # if INET
83        config ANDROID_PARANOID_NETWORK
84               bool "Only allow certain groups to create sockets"
85       -       default y
86       +       default n
87    """
88    with net_test.RunAsUidGid(12345, self.AID_NET_RAW):
89      self.assertRaisesErrno(errno.EPERM, socket, AF_PACKET, SOCK_RAW, 0)
90
91  @unittest.skipUnless(net_test.IS_GSI, "not GSI")
92  def testIsGSI(self):
93    pass
94
95  @unittest.skipUnless(gki.IS_GKI, "not GKI")
96  def testIsGKI(self):
97    pass
98
99
100if __name__ == "__main__":
101  unittest.main()
102