diff options
| author | Lorenzo Colitti <lorenzo@google.com> | 2017-03-10 12:19:08 +0900 |
|---|---|---|
| committer | Lorenzo Colitti <lorenzo@google.com> | 2017-03-22 11:20:08 +0900 |
| commit | 2bd804a5e9f770333a51a44ce4627c8136277af6 (patch) | |
| tree | 120a8bcf0a9a7ad9d781daf42f25f90ac9c453af /server/IptablesRestoreControllerTest.cpp | |
| parent | 35fb85042e214e050e7798f6194a4746a9cd9bdd (diff) | |
| download | platform_system_netd-2bd804a5e9f770333a51a44ce4627c8136277af6.tar.gz platform_system_netd-2bd804a5e9f770333a51a44ce4627c8136277af6.tar.bz2 platform_system_netd-2bd804a5e9f770333a51a44ce4627c8136277af6.zip | |
Update test code to match new iptables behaviour.
iptables is changing the locking code from binding to an abstract
UNIX socket to calling flock() on a real file. Update test code
that acquires the iptables lock.
Also, make said code more robust by retrying up to 10 times if
the lock is held. This should make the test less flaky.
Bug: 36108349
Test: IptablesRestoreControllerTest passes with new iptables
Change-Id: I1d1d454d78382e76d178c4ef43f2c40a46f81f62
Diffstat (limited to 'server/IptablesRestoreControllerTest.cpp')
| -rw-r--r-- | server/IptablesRestoreControllerTest.cpp | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/server/IptablesRestoreControllerTest.cpp b/server/IptablesRestoreControllerTest.cpp index a5d8a7bb0..96394c19f 100644 --- a/server/IptablesRestoreControllerTest.cpp +++ b/server/IptablesRestoreControllerTest.cpp @@ -16,6 +16,7 @@ #include <string> #include <fcntl.h> +#include <sys/file.h> #include <sys/socket.h> #include <sys/un.h> @@ -29,7 +30,9 @@ #include "IptablesRestoreController.h" #include "NetdConstants.h" -#define XTABLES_LOCK "@xtables" +#define XT_LOCK_NAME "/system/etc/xtables.lock" +#define XT_LOCK_ATTEMPTS 10 +#define XT_LOCK_POLL_INTERVAL_MS 100 using android::base::Join; using android::base::StringPrintf; @@ -110,19 +113,19 @@ public: } int acquireIptablesLock() { - mIptablesLock = socket(AF_UNIX, SOCK_STREAM, 0); - if (mIptablesLock == -1) { - return -errno; + mIptablesLock = open(XT_LOCK_NAME, O_CREAT, 0600); + if (mIptablesLock == -1) return mIptablesLock; + int attempts; + for (attempts = 0; attempts < XT_LOCK_ATTEMPTS; attempts++) { + if (flock(mIptablesLock, LOCK_EX | LOCK_NB) == 0) { + return 0; + } + usleep(XT_LOCK_POLL_INTERVAL_MS * 1000); } - sockaddr_un sun = { AF_UNIX, XTABLES_LOCK }; - sun.sun_path[0] = '\0'; - size_t len = offsetof(struct sockaddr_un, sun_path) + sizeof(XTABLES_LOCK) - 1; - if (int ret = bind(mIptablesLock, reinterpret_cast<sockaddr *>(&sun), len) == -1) { - ret = -errno; - close(mIptablesLock); - return ret; - } - return 0; + EXPECT_LT(attempts, XT_LOCK_ATTEMPTS) << + "Could not acquire iptables lock after " << XT_LOCK_ATTEMPTS << " attempts " << + XT_LOCK_POLL_INTERVAL_MS << "ms apart"; + return -1; } void releaseIptablesLock() { |