Add MACsecEgressFilter tests

sonic-net · Aug 23, 2021 · 888197d · 888197d
1 parent 8ed6e36
commit 888197d
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 1 deletion.
diff --git a/unittest/vslib/Makefile.am b/unittest/vslib/Makefile.am
@@ -18,7 +18,8 @@ tests_SOURCES = main.cpp \
 				TestLaneMap.cpp \
 				TestLaneMapContainer.cpp \
 				TestLaneMapFileParser.cpp \
-				TestMACsecAttr.cpp
+				TestMACsecAttr.cpp \
+				TestMACsecEgressFilter.cpp
 
 tests_CXXFLAGS = $(DBGFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS_COMMON)
 tests_LDADD = $(LDADD_GTEST) $(top_srcdir)/vslib/libSaiVS.a -lhiredis -lswsscommon -lpthread -L$(top_srcdir)/meta/.libs -lsaimetadata -lsaimeta -lzmq $(CODE_COVERAGE_LIBS)

diff --git a/unittest/vslib/TestMACsecEgressFilter.cpp b/unittest/vslib/TestMACsecEgressFilter.cpp
@@ -0,0 +1,51 @@
+#include "MACsecEgressFilter.h"
+
+#include <gtest/gtest.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <linux/if_packet.h>
+#include <linux/if_ether.h>
+#include <arpa/inet.h>
+#include <net/if.h>
+
+#define EAPOL_ETHER_TYPE (0x888e)
+
+using namespace saivs;
+
+TEST(MACsecEgressFilter, ctr)
+{
+    MACsecEgressFilter filter("foo");
+}
+
+TEST(MACsecEgressFilter, forward)
+{
+    MACsecEgressFilter filter("foo");
+
+    filter.set_macsec_fd(0);
+
+    uint8_t packet[4000];
+
+    memset(packet, 0, sizeof(packet));
+
+    ethhdr* eth = (ethhdr*)packet;
+
+    eth->h_proto = ntohs(EAPOL_ETHER_TYPE);
+
+    size_t len = sizeof(packet);
+
+    EXPECT_EQ(filter.execute(packet, len), TrafficFilter::CONTINUE);
+
+    eth->h_proto = ntohs(6);
+
+    EXPECT_EQ(filter.execute(packet, len), TrafficFilter::TERMINATE);
+
+    filter.enable_macsec_device(true);
+
+    // fd is ok, stdout
+    EXPECT_EQ(filter.execute(packet, len), TrafficFilter::TERMINATE);
+
+    filter.set_macsec_fd(70); // bad fd
+
+    EXPECT_EQ(filter.execute(packet, len), TrafficFilter::ERROR);
+}