diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2018-08-23 11:35:55 -0700 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-08-28 23:20:13 -0600 |
| commit | f103d1e2b420231c37684750cd36a825425fc313 (patch) | |
| tree | 4a8d86eda58d149d85a2d99a53e9b2370fc58b5f /src/selftest | |
| parent | wg-quick: check correct variable for route deduplication (diff) | |
| download | wireguard-monolithic-historical-f103d1e2b420231c37684750cd36a825425fc313.tar.xz wireguard-monolithic-historical-f103d1e2b420231c37684750cd36a825425fc313.zip | |
global: run through clang-format
This is the worst commit in the whole repo, making the code much less
readable, but so it goes with upstream maintainers.
We are now woefully wrapped at 80 columns.
Diffstat (limited to 'src/selftest')
| -rw-r--r-- | src/selftest/allowedips.h | 276 | ||||
| -rw-r--r-- | src/selftest/counter.h | 25 | ||||
| -rw-r--r-- | src/selftest/ratelimiter.h | 48 |
3 files changed, 221 insertions, 128 deletions
diff --git a/src/selftest/allowedips.h b/src/selftest/allowedips.h index 1cf8c8f..28461d7 100644 --- a/src/selftest/allowedips.h +++ b/src/selftest/allowedips.h @@ -8,7 +8,8 @@ #ifdef DEBUG_PRINT_TRIE_GRAPHVIZ #include <linux/siphash.h> -static __init void swap_endian_and_apply_cidr(u8 *dst, const u8 *src, u8 bits, u8 cidr) +static __init void swap_endian_and_apply_cidr(u8 *dst, const u8 *src, u8 bits, + u8 cidr) { swap_endian(dst, src, bits); memset(dst + (cidr + 7) / 8, 0, bits / 8 - (cidr + 7) / 8); @@ -18,34 +19,44 @@ static __init void swap_endian_and_apply_cidr(u8 *dst, const u8 *src, u8 bits, u static __init void print_node(struct allowedips_node *node, u8 bits) { - u32 color = 0; - char *style = "dotted"; char *fmt_connection = KERN_DEBUG "\t\"%p/%d\" -> \"%p/%d\";\n"; - char *fmt_declaration = KERN_DEBUG "\t\"%p/%d\"[style=%s, color=\"#%06x\"];\n"; + char *fmt_declaration = KERN_DEBUG + "\t\"%p/%d\"[style=%s, color=\"#%06x\"];\n"; + char *style = "dotted"; u8 ip1[16], ip2[16]; + u32 color = 0; + if (bits == 32) { fmt_connection = KERN_DEBUG "\t\"%pI4/%d\" -> \"%pI4/%d\";\n"; - fmt_declaration = KERN_DEBUG "\t\"%pI4/%d\"[style=%s, color=\"#%06x\"];\n"; + fmt_declaration = KERN_DEBUG + "\t\"%pI4/%d\"[style=%s, color=\"#%06x\"];\n"; } else if (bits == 128) { fmt_connection = KERN_DEBUG "\t\"%pI6/%d\" -> \"%pI6/%d\";\n"; - fmt_declaration = KERN_DEBUG "\t\"%pI6/%d\"[style=%s, color=\"#%06x\"];\n"; + fmt_declaration = KERN_DEBUG + "\t\"%pI6/%d\"[style=%s, color=\"#%06x\"];\n"; } if (node->peer) { hsiphash_key_t key = { 0 }; memcpy(&key, &node->peer, sizeof(node->peer)); - color = hsiphash_1u32(0xdeadbeef, &key) % 200 << 16 | hsiphash_1u32(0xbabecafe, &key) % 200 << 8 | hsiphash_1u32(0xabad1dea, &key) % 200; + color = hsiphash_1u32(0xdeadbeef, &key) % 200 << 16 | + hsiphash_1u32(0xbabecafe, &key) % 200 << 8 | + hsiphash_1u32(0xabad1dea, &key) % 200; style = "bold"; } swap_endian_and_apply_cidr(ip1, node->bits, bits, node->cidr); printk(fmt_declaration, ip1, node->cidr, style, color); if (node->bit[0]) { - swap_endian_and_apply_cidr(ip2, node->bit[0]->bits, bits, node->cidr); - printk(fmt_connection, ip1, node->cidr, ip2, node->bit[0]->cidr); + swap_endian_and_apply_cidr(ip2, node->bit[0]->bits, bits, + node->cidr); + printk(fmt_connection, ip1, node->cidr, ip2, + node->bit[0]->cidr); print_node(node->bit[0], bits); } if (node->bit[1]) { - swap_endian_and_apply_cidr(ip2, node->bit[1]->bits, bits, node->cidr); - printk(fmt_connection, ip1, node->cidr, ip2, node->bit[1]->cidr); + swap_endian_and_apply_cidr(ip2, node->bit[1]->bits, bits, + node->cidr); + printk(fmt_connection, ip1, node->cidr, ip2, + node->bit[1]->cidr); print_node(node->bit[1], bits); } } @@ -79,9 +90,10 @@ static __init void horrible_allowedips_init(struct horrible_allowedips *table) } static __init void horrible_allowedips_free(struct horrible_allowedips *table) { - struct hlist_node *h; struct horrible_allowedips_node *node; - hlist_for_each_entry_safe(node, h, &table->head, table) { + struct hlist_node *h; + + hlist_for_each_entry_safe (node, h, &table->head, table) { hlist_del(&node->table); kfree(node); } @@ -89,20 +101,21 @@ static __init void horrible_allowedips_free(struct horrible_allowedips *table) static __init inline union nf_inet_addr horrible_cidr_to_mask(uint8_t cidr) { union nf_inet_addr mask; + memset(&mask, 0x00, 128 / 8); memset(&mask, 0xff, cidr / 8); if (cidr % 32) - mask.all[cidr / 32] = htonl((0xFFFFFFFFUL << (32 - (cidr % 32))) & 0xFFFFFFFFUL); + mask.all[cidr / 32] = htonl( + (0xFFFFFFFFUL << (32 - (cidr % 32))) & 0xFFFFFFFFUL); return mask; } static __init inline uint8_t horrible_mask_to_cidr(union nf_inet_addr subnet) { - return hweight32(subnet.all[0]) - + hweight32(subnet.all[1]) - + hweight32(subnet.all[2]) - + hweight32(subnet.all[3]); + return hweight32(subnet.all[0]) + hweight32(subnet.all[1]) + + hweight32(subnet.all[2]) + hweight32(subnet.all[3]); } -static __init inline void horrible_mask_self(struct horrible_allowedips_node *node) +static __init inline void +horrible_mask_self(struct horrible_allowedips_node *node) { if (node->ip_version == 4) node->ip.ip &= node->mask.ip; @@ -113,24 +126,36 @@ static __init inline void horrible_mask_self(struct horrible_allowedips_node *no node->ip.ip6[3] &= node->mask.ip6[3]; } } -static __init inline bool horrible_match_v4(const struct horrible_allowedips_node *node, struct in_addr *ip) +static __init inline bool +horrible_match_v4(const struct horrible_allowedips_node *node, + struct in_addr *ip) { return (ip->s_addr & node->mask.ip) == node->ip.ip; } -static __init inline bool horrible_match_v6(const struct horrible_allowedips_node *node, struct in6_addr *ip) +static __init inline bool +horrible_match_v6(const struct horrible_allowedips_node *node, + struct in6_addr *ip) { - return (ip->in6_u.u6_addr32[0] & node->mask.ip6[0]) == node->ip.ip6[0] && - (ip->in6_u.u6_addr32[1] & node->mask.ip6[1]) == node->ip.ip6[1] && - (ip->in6_u.u6_addr32[2] & node->mask.ip6[2]) == node->ip.ip6[2] && - (ip->in6_u.u6_addr32[3] & node->mask.ip6[3]) == node->ip.ip6[3]; + return (ip->in6_u.u6_addr32[0] & node->mask.ip6[0]) == + node->ip.ip6[0] && + (ip->in6_u.u6_addr32[1] & node->mask.ip6[1]) == + node->ip.ip6[1] && + (ip->in6_u.u6_addr32[2] & node->mask.ip6[2]) == + node->ip.ip6[2] && + (ip->in6_u.u6_addr32[3] & node->mask.ip6[3]) == node->ip.ip6[3]; } -static __init void horrible_insert_ordered(struct horrible_allowedips *table, struct horrible_allowedips_node *node) +static __init void +horrible_insert_ordered(struct horrible_allowedips *table, + struct horrible_allowedips_node *node) { struct horrible_allowedips_node *other = NULL, *where = NULL; uint8_t my_cidr = horrible_mask_to_cidr(node->mask); - hlist_for_each_entry(other, &table->head, table) { - if (!memcmp(&other->mask, &node->mask, sizeof(union nf_inet_addr)) && - !memcmp(&other->ip, &node->ip, sizeof(union nf_inet_addr)) && + + hlist_for_each_entry (other, &table->head, table) { + if (!memcmp(&other->mask, &node->mask, + sizeof(union nf_inet_addr)) && + !memcmp(&other->ip, &node->ip, + sizeof(union nf_inet_addr)) && other->ip_version == node->ip_version) { other->value = node->value; kfree(node); @@ -147,9 +172,13 @@ static __init void horrible_insert_ordered(struct horrible_allowedips *table, st else hlist_add_before(&node->table, &where->table); } -static __init int horrible_allowedips_insert_v4(struct horrible_allowedips *table, struct in_addr *ip, uint8_t cidr, void *value) +static __init int +horrible_allowedips_insert_v4(struct horrible_allowedips *table, + struct in_addr *ip, uint8_t cidr, void *value) { - struct horrible_allowedips_node *node = kzalloc(sizeof(struct horrible_allowedips_node), GFP_KERNEL); + struct horrible_allowedips_node *node = + kzalloc(sizeof(struct horrible_allowedips_node), GFP_KERNEL); + if (!node) return -ENOMEM; node->ip.in = *ip; @@ -160,9 +189,13 @@ static __init int horrible_allowedips_insert_v4(struct horrible_allowedips *tabl horrible_insert_ordered(table, node); return 0; } -static __init int horrible_allowedips_insert_v6(struct horrible_allowedips *table, struct in6_addr *ip, uint8_t cidr, void *value) +static __init int +horrible_allowedips_insert_v6(struct horrible_allowedips *table, + struct in6_addr *ip, uint8_t cidr, void *value) { - struct horrible_allowedips_node *node = kzalloc(sizeof(struct horrible_allowedips_node), GFP_KERNEL); + struct horrible_allowedips_node *node = + kzalloc(sizeof(struct horrible_allowedips_node), GFP_KERNEL); + if (!node) return -ENOMEM; node->ip.in6 = *ip; @@ -173,11 +206,14 @@ static __init int horrible_allowedips_insert_v6(struct horrible_allowedips *tabl horrible_insert_ordered(table, node); return 0; } -static __init void *horrible_allowedips_lookup_v4(struct horrible_allowedips *table, struct in_addr *ip) +static __init void * +horrible_allowedips_lookup_v4(struct horrible_allowedips *table, + struct in_addr *ip) { struct horrible_allowedips_node *node; void *ret = NULL; - hlist_for_each_entry(node, &table->head, table) { + + hlist_for_each_entry (node, &table->head, table) { if (node->ip_version != 4) continue; if (horrible_match_v4(node, ip)) { @@ -187,11 +223,14 @@ static __init void *horrible_allowedips_lookup_v4(struct horrible_allowedips *ta } return ret; } -static __init void *horrible_allowedips_lookup_v6(struct horrible_allowedips *table, struct in6_addr *ip) +static __init void * +horrible_allowedips_lookup_v6(struct horrible_allowedips *table, + struct in6_addr *ip) { struct horrible_allowedips_node *node; void *ret = NULL; - hlist_for_each_entry(node, &table->head, table) { + + hlist_for_each_entry (node, &table->head, table) { if (node->ip_version != 6) continue; if (horrible_match_v6(node, ip)) { @@ -204,13 +243,13 @@ static __init void *horrible_allowedips_lookup_v6(struct horrible_allowedips *ta static __init bool randomized_test(void) { - DEFINE_MUTEX(mutex); - bool ret = false; unsigned int i, j, k, mutate_amount, cidr; + u8 ip[16], mutate_mask[16], mutated[16]; struct wireguard_peer **peers, *peer; - struct allowedips t; struct horrible_allowedips h; - u8 ip[16], mutate_mask[16], mutated[16]; + DEFINE_MUTEX(mutex); + struct allowedips t; + bool ret = false; mutex_init(&mutex); @@ -237,11 +276,13 @@ static __init bool randomized_test(void) prandom_bytes(ip, 4); cidr = prandom_u32_max(32) + 1; peer = peers[prandom_u32_max(NUM_PEERS)]; - if (allowedips_insert_v4(&t, (struct in_addr *)ip, cidr, peer, &mutex) < 0) { + if (allowedips_insert_v4(&t, (struct in_addr *)ip, cidr, peer, + &mutex) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } - if (horrible_allowedips_insert_v4(&h, (struct in_addr *)ip, cidr, peer) < 0) { + if (horrible_allowedips_insert_v4(&h, (struct in_addr *)ip, + cidr, peer) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } @@ -251,18 +292,23 @@ static __init bool randomized_test(void) mutate_amount = prandom_u32_max(32); for (k = 0; k < mutate_amount / 8; ++k) mutate_mask[k] = 0xff; - mutate_mask[k] = 0xff << ((8 - (mutate_amount % 8)) % 8); + mutate_mask[k] = 0xff + << ((8 - (mutate_amount % 8)) % 8); for (; k < 4; ++k) mutate_mask[k] = 0; for (k = 0; k < 4; ++k) - mutated[k] = (mutated[k] & mutate_mask[k]) | (~mutate_mask[k] & prandom_u32_max(256)); + mutated[k] = (mutated[k] & mutate_mask[k]) | + (~mutate_mask[k] & + prandom_u32_max(256)); cidr = prandom_u32_max(32) + 1; peer = peers[prandom_u32_max(NUM_PEERS)]; - if (allowedips_insert_v4(&t, (struct in_addr *)mutated, cidr, peer, &mutex) < 0) { + if (allowedips_insert_v4(&t, (struct in_addr *)mutated, + cidr, peer, &mutex) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } - if (horrible_allowedips_insert_v4(&h, (struct in_addr *)mutated, cidr, peer)) { + if (horrible_allowedips_insert_v4(&h, + (struct in_addr *)mutated, cidr, peer)) { pr_info("allowedips random self-test: out of memory\n"); goto free; } @@ -273,11 +319,13 @@ static __init bool randomized_test(void) prandom_bytes(ip, 16); cidr = prandom_u32_max(128) + 1; peer = peers[prandom_u32_max(NUM_PEERS)]; - if (allowedips_insert_v6(&t, (struct in6_addr *)ip, cidr, peer, &mutex) < 0) { + if (allowedips_insert_v6(&t, (struct in6_addr *)ip, cidr, peer, + &mutex) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } - if (horrible_allowedips_insert_v6(&h, (struct in6_addr *)ip, cidr, peer) < 0) { + if (horrible_allowedips_insert_v6(&h, (struct in6_addr *)ip, + cidr, peer) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } @@ -287,18 +335,24 @@ static __init bool randomized_test(void) mutate_amount = prandom_u32_max(128); for (k = 0; k < mutate_amount / 8; ++k) mutate_mask[k] = 0xff; - mutate_mask[k] = 0xff << ((8 - (mutate_amount % 8)) % 8); + mutate_mask[k] = 0xff + << ((8 - (mutate_amount % 8)) % 8); for (; k < 4; ++k) mutate_mask[k] = 0; for (k = 0; k < 4; ++k) - mutated[k] = (mutated[k] & mutate_mask[k]) | (~mutate_mask[k] & prandom_u32_max(256)); + mutated[k] = (mutated[k] & mutate_mask[k]) | + (~mutate_mask[k] & + prandom_u32_max(256)); cidr = prandom_u32_max(128) + 1; peer = peers[prandom_u32_max(NUM_PEERS)]; - if (allowedips_insert_v6(&t, (struct in6_addr *)mutated, cidr, peer, &mutex) < 0) { + if (allowedips_insert_v6(&t, (struct in6_addr *)mutated, + cidr, peer, &mutex) < 0) { pr_info("allowedips random self-test: out of memory\n"); goto free; } - if (horrible_allowedips_insert_v6(&h, (struct in6_addr *)mutated, cidr, peer)) { + if (horrible_allowedips_insert_v6( + &h, (struct in6_addr *)mutated, cidr, + peer)) { pr_info("allowedips random self-test: out of memory\n"); goto free; } @@ -314,7 +368,8 @@ static __init bool randomized_test(void) for (i = 0; i < NUM_QUERIES; ++i) { prandom_bytes(ip, 4); - if (lookup(t.root4, 32, ip) != horrible_allowedips_lookup_v4(&h, (struct in_addr *)ip)) { + if (lookup(t.root4, 32, ip) != + horrible_allowedips_lookup_v4(&h, (struct in_addr *)ip)) { pr_info("allowedips random self-test: FAIL\n"); goto free; } @@ -322,7 +377,8 @@ static __init bool randomized_test(void) for (i = 0; i < NUM_QUERIES; ++i) { prandom_bytes(ip, 16); - if (lookup(t.root6, 128, ip) != horrible_allowedips_lookup_v6(&h, (struct in6_addr *)ip)) { + if (lookup(t.root6, 128, ip) != + horrible_allowedips_lookup_v6(&h, (struct in6_addr *)ip)) { pr_info("allowedips random self-test: FAIL\n"); goto free; } @@ -376,15 +432,22 @@ static __init int walk_callback(void *ctx, const u8 *ip, u8 cidr, int family) wctx->count++; - if (cidr == 27 && !memcmp(ip, ip4(192, 95, 5, 64), sizeof(struct in_addr))) + if (cidr == 27 && + !memcmp(ip, ip4(192, 95, 5, 64), sizeof(struct in_addr))) wctx->found_a = true; - else if (cidr == 128 && !memcmp(ip, ip6(0x26075300, 0x60006b00, 0, 0xc05f0543), sizeof(struct in6_addr))) + else if (cidr == 128 && + !memcmp(ip, ip6(0x26075300, 0x60006b00, 0, 0xc05f0543), + sizeof(struct in6_addr))) wctx->found_b = true; - else if (cidr == 29 && !memcmp(ip, ip4(10, 1, 0, 16), sizeof(struct in_addr))) + else if (cidr == 29 && + !memcmp(ip, ip4(10, 1, 0, 16), sizeof(struct in_addr))) wctx->found_c = true; - else if (cidr == 83 && !memcmp(ip, ip6(0x26075300, 0x6d8a6bf8, 0xdab1e000, 0), sizeof(struct in6_addr))) + else if (cidr == 83 && + !memcmp(ip, ip6(0x26075300, 0x6d8a6bf8, 0xdab1e000, 0), + sizeof(struct in6_addr))) wctx->found_d = true; - else if (cidr == 21 && !memcmp(ip, ip6(0x26075000, 0, 0, 0), sizeof(struct in6_addr))) + else if (cidr == 21 && + !memcmp(ip, ip6(0x26075000, 0, 0, 0), sizeof(struct in6_addr))) wctx->found_e = true; else wctx->found_other = true; @@ -392,50 +455,55 @@ static __init int walk_callback(void *ctx, const u8 *ip, u8 cidr, int family) return 0; } -#define init_peer(name) do { \ - name = kzalloc(sizeof(struct wireguard_peer), GFP_KERNEL); \ - if (!name) { \ - pr_info("allowedips self-test: out of memory\n"); \ - goto free; \ - } \ - kref_init(&name->refcount); \ -} while (0) - -#define insert(version, mem, ipa, ipb, ipc, ipd, cidr) \ - allowedips_insert_v##version(&t, ip##version(ipa, ipb, ipc, ipd), cidr, mem, &mutex) - -#define maybe_fail \ - ++i; \ - if (!_s) { \ - pr_info("allowedips self-test %zu: FAIL\n", i); \ - success = false; \ - } - -#define test(version, mem, ipa, ipb, ipc, ipd) do { \ - bool _s = lookup(t.root##version, version == 4 ? 32 : 128, ip##version(ipa, ipb, ipc, ipd)) == mem; \ - maybe_fail \ -} while (0) - -#define test_negative(version, mem, ipa, ipb, ipc, ipd) do { \ - bool _s = lookup(t.root##version, version == 4 ? 32 : 128, ip##version(ipa, ipb, ipc, ipd)) != mem; \ - maybe_fail \ -} while (0) - -#define test_boolean(cond) do { \ - bool _s = (cond); \ - maybe_fail \ -} while (0) +#define init_peer(name) do { \ + name = kzalloc(sizeof(struct wireguard_peer), GFP_KERNEL); \ + if (!name) { \ + pr_info("allowedips self-test: out of memory\n"); \ + goto free; \ + } \ + kref_init(&name->refcount); \ + } while (0) + +#define insert(version, mem, ipa, ipb, ipc, ipd, cidr) \ + allowedips_insert_v##version(&t, ip##version(ipa, ipb, ipc, ipd), \ + cidr, mem, &mutex) + +#define maybe_fail() do { \ + ++i; \ + if (!_s) { \ + pr_info("allowedips self-test %zu: FAIL\n", i); \ + success = false; \ + } \ + } while (0) + +#define test(version, mem, ipa, ipb, ipc, ipd) do { \ + bool _s = lookup(t.root##version, version == 4 ? 32 : 128, \ + ip##version(ipa, ipb, ipc, ipd)) == mem; \ + maybe_fail(); \ + } while (0) + +#define test_negative(version, mem, ipa, ipb, ipc, ipd) do { \ + bool _s = lookup(t.root##version, version == 4 ? 32 : 128, \ + ip##version(ipa, ipb, ipc, ipd)) != mem; \ + maybe_fail(); \ + } while (0) + +#define test_boolean(cond) do { \ + bool _s = (cond); \ + maybe_fail(); \ + } while (0) bool __init allowedips_selftest(void) { - DEFINE_MUTEX(mutex); - struct allowedips t; - struct walk_ctx wctx = { 0 }; + struct wireguard_peer *a = NULL, *b = NULL, *c = NULL, *d = NULL, + *e = NULL, *f = NULL, *g = NULL, *h = NULL; struct allowedips_cursor cursor = { 0 }; - struct wireguard_peer *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL, *f = NULL, *g = NULL, *h = NULL; - size_t i = 0; + struct walk_ctx wctx = { 0 }; bool success = false; + struct allowedips t; + DEFINE_MUTEX(mutex); struct in6_addr ip; + size_t i = 0; __be64 part; mutex_init(&mutex); @@ -455,19 +523,23 @@ bool __init allowedips_selftest(void) insert(4, b, 192, 168, 4, 4, 32); insert(4, c, 192, 168, 0, 0, 16); insert(4, d, 192, 95, 5, 64, 27); - insert(4, c, 192, 95, 5, 65, 27); /* replaces previous entry, and maskself is required */ + /* replaces previous entry, and maskself is required */ + insert(4, c, 192, 95, 5, 65, 27); insert(6, d, 0x26075300, 0x60006b00, 0, 0xc05f0543, 128); insert(6, c, 0x26075300, 0x60006b00, 0, 0, 64); insert(4, e, 0, 0, 0, 0, 0); insert(6, e, 0, 0, 0, 0, 0); - insert(6, f, 0, 0, 0, 0, 0); /* replaces previous entry */ + /* replaces previous entry */ + insert(6, f, 0, 0, 0, 0, 0); insert(6, g, 0x24046800, 0, 0, 0, 32); - insert(6, h, 0x24046800, 0x40040800, 0xdeadbeef, 0xdeadbeef, 64); /* maskself is required */ + /* maskself is required */ + insert(6, h, 0x24046800, 0x40040800, 0xdeadbeef, 0xdeadbeef, 64); insert(6, a, 0x24046800, 0x40040800, 0xdeadbeef, 0xdeadbeef, 128); insert(6, c, 0x24446800, 0x40e40800, 0xdeaebeef, 0xdefbeef, 128); insert(6, b, 0x24446800, 0xf0e40800, 0xeeaebeef, 0, 98); insert(4, g, 64, 15, 112, 0, 20); - insert(4, h, 64, 15, 123, 211, 25); /* maskself is required */ + /* maskself is required */ + insert(4, h, 64, 15, 123, 211, 25); insert(4, a, 10, 0, 0, 0, 25); insert(4, b, 10, 0, 0, 128, 25); insert(4, a, 10, 1, 0, 0, 30); diff --git a/src/selftest/counter.h b/src/selftest/counter.h index 5344075..1c2a3b4 100644 --- a/src/selftest/counter.h +++ b/src/selftest/counter.h @@ -6,13 +6,24 @@ #ifdef DEBUG bool __init packet_counter_selftest(void) { - bool success = true; unsigned int test_num = 0, i; union noise_counter counter; + bool success = true; -#define T_INIT do { memset(&counter, 0, sizeof(union noise_counter)); spin_lock_init(&counter.receive.lock); } while (0) +#define T_INIT do { \ + memset(&counter, 0, sizeof(union noise_counter)); \ + spin_lock_init(&counter.receive.lock); \ + } while (0) #define T_LIM (COUNTER_WINDOW_SIZE + 1) -#define T(n, v) do { ++test_num; if (counter_validate(&counter, n) != v) { pr_info("nonce counter self-test %u: FAIL\n", test_num); success = false; } } while (0) +#define T(n, v) do { \ + ++test_num; \ + if (counter_validate(&counter, n) != v) { \ + pr_info("nonce counter self-test %u: FAIL\n", \ + test_num); \ + success = false; \ + } \ + } while (0) + T_INIT; /* 1 */ T(0, true); /* 2 */ T(1, true); @@ -62,22 +73,22 @@ bool __init packet_counter_selftest(void) T(0, false); T_INIT; - for (i = COUNTER_WINDOW_SIZE + 1; i-- > 0 ;) + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 0;) T(i, true); T_INIT; - for (i = COUNTER_WINDOW_SIZE + 2; i-- > 1 ;) + for (i = COUNTER_WINDOW_SIZE + 2; i-- > 1;) T(i, true); T(0, false); T_INIT; - for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1 ;) + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;) T(i, true); T(COUNTER_WINDOW_SIZE + 1, true); T(0, false); T_INIT; - for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1 ;) + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;) T(i, true); T(0, true); T(COUNTER_WINDOW_SIZE + 1, true); diff --git a/src/selftest/ratelimiter.h b/src/selftest/ratelimiter.h index c05eac7..a71ddb1 100644 --- a/src/selftest/ratelimiter.h +++ b/src/selftest/ratelimiter.h @@ -7,7 +7,10 @@ #include <linux/jiffies.h> -static const struct { bool result; unsigned int msec_to_sleep_before; } expected_results[] __initconst = { +static const struct { + bool result; + unsigned int msec_to_sleep_before; +} expected_results[] __initconst = { [0 ... PACKETS_BURSTABLE - 1] = { true, 0 }, [PACKETS_BURSTABLE] = { false, 0 }, [PACKETS_BURSTABLE + 1] = { true, MSEC_PER_SEC / PACKETS_PER_SECOND }, @@ -29,14 +32,14 @@ static __init unsigned int maximum_jiffies_at_index(int index) bool __init ratelimiter_selftest(void) { - struct sk_buff *skb4; - struct iphdr *hdr4; + int i, test = 0, tries = 0, ret = false; + unsigned long loop_start_time; #if IS_ENABLED(CONFIG_IPV6) struct sk_buff *skb6; struct ipv6hdr *hdr6; #endif - int i, test = 0, tries = 0, ret = false; - unsigned long loop_start_time; + struct sk_buff *skb4; + struct iphdr *hdr4; BUILD_BUG_ON(MSEC_PER_SEC % PACKETS_PER_SECOND != 0); @@ -81,21 +84,24 @@ bool __init ratelimiter_selftest(void) restart: loop_start_time = jiffies; for (i = 0; i < ARRAY_SIZE(expected_results); ++i) { -#define ensure_time do {\ - if (time_is_before_jiffies(loop_start_time + maximum_jiffies_at_index(i))) { \ - if (++tries >= 5000) \ - goto err; \ - gc_entries(NULL); \ - rcu_barrier(); \ - msleep(500); \ - goto restart; \ - }} while (0) +#define ensure_time do { \ + if (time_is_before_jiffies(loop_start_time + \ + maximum_jiffies_at_index(i))) { \ + if (++tries >= 5000) \ + goto err; \ + gc_entries(NULL); \ + rcu_barrier(); \ + msleep(500); \ + goto restart; \ + } \ + } while (0) if (expected_results[i].msec_to_sleep_before) msleep(expected_results[i].msec_to_sleep_before); ensure_time; - if (ratelimiter_allow(skb4, &init_net) != expected_results[i].result) + if (ratelimiter_allow(skb4, &init_net) != + expected_results[i].result) goto err; ++test; hdr4->saddr = htonl(ntohl(hdr4->saddr) + i + 1); @@ -106,17 +112,21 @@ restart: hdr4->saddr = htonl(ntohl(hdr4->saddr) - i - 1); #if IS_ENABLED(CONFIG_IPV6) - hdr6->saddr.in6_u.u6_addr32[2] = hdr6->saddr.in6_u.u6_addr32[3] = htonl(i); + hdr6->saddr.in6_u.u6_addr32[2] = + hdr6->saddr.in6_u.u6_addr32[3] = htonl(i); ensure_time; - if (ratelimiter_allow(skb6, &init_net) != expected_results[i].result) + if (ratelimiter_allow(skb6, &init_net) != + expected_results[i].result) goto err; ++test; - hdr6->saddr.in6_u.u6_addr32[0] = htonl(ntohl(hdr6->saddr.in6_u.u6_addr32[0]) + i + 1); + hdr6->saddr.in6_u.u6_addr32[0] = + htonl(ntohl(hdr6->saddr.in6_u.u6_addr32[0]) + i + 1); ensure_time; if (!ratelimiter_allow(skb6, &init_net)) goto err; ++test; - hdr6->saddr.in6_u.u6_addr32[0] = htonl(ntohl(hdr6->saddr.in6_u.u6_addr32[0]) - i - 1); + hdr6->saddr.in6_u.u6_addr32[0] = + htonl(ntohl(hdr6->saddr.in6_u.u6_addr32[0]) - i - 1); ensure_time; #endif } |