Fix loopback interface. Add new tests, remove deprecated tests.

.github/workflows/linux.yml

@@ -90,6 +90,18 @@ jobs:
           set -euo pipefail
           timeout --preserve-status 2m sudo LD_PRELOAD=$PWD/libwolfip.so ping -c 5 10.10.10.1
 
+      - name: Rebuild libwolfip.so with loopback enabled
+        run: |
+          set -euo pipefail
+          rm -f libwolfip.so build/pie/wolfip.o
+          make libwolfip.so EXTRA_CFLAGS="-DWOLFIP_ENABLE_LOOPBACK=1"
+
+      - name: Testing ICMP loopback smoke (no TUN/TAP)
+        timeout-minutes: 2
+        run: |
+          set -euo pipefail
+          timeout --preserve-status 2m sudo LD_PRELOAD=$PWD/libwolfip.so ping -4 -n -c 5 127.0.0.1
+
       - name: Install check
         run: |
           sudo apt-get install -y check

Makefile

@@ -1,6 +1,7 @@
 CC?=gcc
 CFLAGS:=-Wall -Werror -Wextra -I. -D_GNU_SOURCE
 CFLAGS+=-g -ggdb -Wdeclaration-after-statement
+CFLAGS+=$(EXTRA_CFLAGS)
 LDFLAGS+=-pthread
 # additional debug flags:
 #   CFLAGS+=-DDEBUG_TAP

config.h

@@ -32,7 +32,7 @@
 #define MAX_NEIGHBORS 16
 
 #ifndef WOLFIP_MAX_INTERFACES
-#define WOLFIP_MAX_INTERFACES 2
+#define WOLFIP_MAX_INTERFACES 3
 #endif
 
 #ifndef WOLFIP_ENABLE_FORWARDING

src/test/test_wolfguard_loopback.c

@@ -16,11 +16,19 @@
 #endif
 
 #undef  WOLFIP_MAX_INTERFACES
-#define WOLFIP_MAX_INTERFACES 2
+#define WOLFIP_MAX_INTERFACES 3
 
 #include "check.h"
 #include "../../config.h"
 
+#if WOLFIP_ENABLE_LOOPBACK
+#define TEST_PHYS_IF 1U
+#define TEST_WG_IF   2U
+#else
+#define TEST_PHYS_IF 0U
+#define TEST_WG_IF   1U
+#endif
+
 /* Override after config.h */
 #undef  MAX_UDPSOCKETS
 #define MAX_UDPSOCKETS 8
@@ -206,46 +214,46 @@ static void setup_loopback_stacks(uint64_t *now)
     wolfIP_init(&stack_a);
 
     /* Physical interface (non_ethernet, index 0) */
-    ll = wolfIP_getdev_ex(&stack_a, 0);
+    ll = wolfIP_getdev_ex(&stack_a, TEST_PHYS_IF);
     ll->non_ethernet = 1;
     ll->poll = phys_a_poll;
     ll->send = phys_a_send;
     strncpy(ll->ifname, "eth_a", sizeof(ll->ifname) - 1);
 
-    wolfIP_ipconfig_set(&stack_a, MAKE_IP4(192,168,1,1),
-                        MAKE_IP4(255,255,255,0), 0);
+    wolfIP_ipconfig_set_ex(&stack_a, TEST_PHYS_IF, MAKE_IP4(192,168,1,1),
+                           MAKE_IP4(255,255,255,0), 0);
 
     /* wolfGuard on interface 1 (wg0) */
-    ck_assert_int_eq(wolfguard_init(&wg_dev_a, &stack_a, 1, 51820), 0);
+    ck_assert_int_eq(wolfguard_init(&wg_dev_a, &stack_a, TEST_WG_IF, 51820), 0);
 
     /* Generate and set keys for A */
     wc_RNG_GenerateBlock(&test_rng, priv_a, WG_PRIVATE_KEY_LEN);
     ck_assert_int_eq(wolfguard_set_private_key(&wg_dev_a, priv_a), 0);
 
-    wolfIP_ipconfig_set_ex(&stack_a, 1, MAKE_IP4(10,0,0,1),
+    wolfIP_ipconfig_set_ex(&stack_a, TEST_WG_IF, MAKE_IP4(10,0,0,1),
                            MAKE_IP4(255,255,255,0), 0);
 
     /* Stack B */
     wolfIP_init(&stack_b);
 
     /* Physical interface (non_ethernet, index 0) */
-    ll = wolfIP_getdev_ex(&stack_b, 0);
+    ll = wolfIP_getdev_ex(&stack_b, TEST_PHYS_IF);
     ll->non_ethernet = 1;
     ll->poll = phys_b_poll;
     ll->send = phys_b_send;
     strncpy(ll->ifname, "eth_b", sizeof(ll->ifname) - 1);
 
-    wolfIP_ipconfig_set(&stack_b, MAKE_IP4(192,168,1,2),
-                        MAKE_IP4(255,255,255,0), 0);
+    wolfIP_ipconfig_set_ex(&stack_b, TEST_PHYS_IF, MAKE_IP4(192,168,1,2),
+                           MAKE_IP4(255,255,255,0), 0);
 
     /* wolfGuard on interface 1 (wg0) */
-    ck_assert_int_eq(wolfguard_init(&wg_dev_b, &stack_b, 1, 51820), 0);
+    ck_assert_int_eq(wolfguard_init(&wg_dev_b, &stack_b, TEST_WG_IF, 51820), 0);
 
     /* Generate and set keys for B */
     wc_RNG_GenerateBlock(&test_rng, priv_b, WG_PRIVATE_KEY_LEN);
     ck_assert_int_eq(wolfguard_set_private_key(&wg_dev_b, priv_b), 0);
 
-    wolfIP_ipconfig_set_ex(&stack_b, 1, MAKE_IP4(10,0,0,2),
+    wolfIP_ipconfig_set_ex(&stack_b, TEST_WG_IF, MAKE_IP4(10,0,0,2),
                            MAKE_IP4(255,255,255,0), 0);
 
     /* Add peers (A knows B, B knows A) */
@@ -798,50 +806,50 @@ START_TEST(test_multi_peer)
 
     /* Stack A (hub, 2 peers) */
     wolfIP_init(&stack_a);
-    ll = wolfIP_getdev_ex(&stack_a, 0);
+    ll = wolfIP_getdev_ex(&stack_a, TEST_PHYS_IF);
     ll->non_ethernet = 1;
     ll->poll = phys_a_poll_multi;
     ll->send = phys_a_send_multi;
     strncpy(ll->ifname, "eth_a", sizeof(ll->ifname) - 1);
-    wolfIP_ipconfig_set(&stack_a, MAKE_IP4(192,168,1,1),
-                        MAKE_IP4(255,255,255,0), 0);
+    wolfIP_ipconfig_set_ex(&stack_a, TEST_PHYS_IF, MAKE_IP4(192,168,1,1),
+                           MAKE_IP4(255,255,255,0), 0);
 
-    ck_assert_int_eq(wolfguard_init(&wg_dev_a, &stack_a, 1, 51820), 0);
+    ck_assert_int_eq(wolfguard_init(&wg_dev_a, &stack_a, TEST_WG_IF, 51820), 0);
     wc_RNG_GenerateBlock(&test_rng, priv_a, WG_PRIVATE_KEY_LEN);
     ck_assert_int_eq(wolfguard_set_private_key(&wg_dev_a, priv_a), 0);
-    wolfIP_ipconfig_set_ex(&stack_a, 1, MAKE_IP4(10,0,0,1),
+    wolfIP_ipconfig_set_ex(&stack_a, TEST_WG_IF, MAKE_IP4(10,0,0,1),
                            MAKE_IP4(255,0,0,0), 0);
 
     /* Stack B */
     wolfIP_init(&stack_b);
-    ll = wolfIP_getdev_ex(&stack_b, 0);
+    ll = wolfIP_getdev_ex(&stack_b, TEST_PHYS_IF);
     ll->non_ethernet = 1;
     ll->poll = phys_b_poll;
     ll->send = phys_b_send;
     strncpy(ll->ifname, "eth_b", sizeof(ll->ifname) - 1);
-    wolfIP_ipconfig_set(&stack_b, MAKE_IP4(192,168,1,2),
-                        MAKE_IP4(255,255,255,0), 0);
+    wolfIP_ipconfig_set_ex(&stack_b, TEST_PHYS_IF, MAKE_IP4(192,168,1,2),
+                           MAKE_IP4(255,255,255,0), 0);
 
-    ck_assert_int_eq(wolfguard_init(&wg_dev_b, &stack_b, 1, 51820), 0);
+    ck_assert_int_eq(wolfguard_init(&wg_dev_b, &stack_b, TEST_WG_IF, 51820), 0);
     wc_RNG_GenerateBlock(&test_rng, priv_b, WG_PRIVATE_KEY_LEN);
     ck_assert_int_eq(wolfguard_set_private_key(&wg_dev_b, priv_b), 0);
-    wolfIP_ipconfig_set_ex(&stack_b, 1, MAKE_IP4(10,0,1,1),
+    wolfIP_ipconfig_set_ex(&stack_b, TEST_WG_IF, MAKE_IP4(10,0,1,1),
                            MAKE_IP4(255,255,255,0), 0);
 
     /* Stack C */
     wolfIP_init(&stack_c);
-    ll = wolfIP_getdev_ex(&stack_c, 0);
+    ll = wolfIP_getdev_ex(&stack_c, TEST_PHYS_IF);
     ll->non_ethernet = 1;
     ll->poll = phys_c_poll;
     ll->send = phys_c_send;
     strncpy(ll->ifname, "eth_c", sizeof(ll->ifname) - 1);
-    wolfIP_ipconfig_set(&stack_c, MAKE_IP4(192,168,1,3),
-                        MAKE_IP4(255,255,255,0), 0);
+    wolfIP_ipconfig_set_ex(&stack_c, TEST_PHYS_IF, MAKE_IP4(192,168,1,3),
+                           MAKE_IP4(255,255,255,0), 0);
 
-    ck_assert_int_eq(wolfguard_init(&wg_dev_c, &stack_c, 1, 51820), 0);
+    ck_assert_int_eq(wolfguard_init(&wg_dev_c, &stack_c, TEST_WG_IF, 51820), 0);
     wc_RNG_GenerateBlock(&test_rng, priv_c, WG_PRIVATE_KEY_LEN);
     ck_assert_int_eq(wolfguard_set_private_key(&wg_dev_c, priv_c), 0);
-    wolfIP_ipconfig_set_ex(&stack_c, 1, MAKE_IP4(10,0,2,1),
+    wolfIP_ipconfig_set_ex(&stack_c, TEST_WG_IF, MAKE_IP4(10,0,2,1),
                            MAKE_IP4(255,255,255,0), 0);
 
     /* Add peers */

src/test/unit/unit.c

@@ -115,6 +115,9 @@ Suite *wolf_suite(void)
 #if WOLFIP_ENABLE_LOOPBACK
     tcase_add_test(tc_utils, test_wolfip_loopback_defaults);
     tcase_add_test(tc_utils, test_wolfip_loopback_send_paths);
+    tcase_add_test(tc_utils, test_wolfip_loopback_poll_paths);
+    tcase_add_test(tc_utils, test_wolfip_loopback_poll_keeps_pending_on_short_buffer);
+    tcase_add_test(tc_utils, test_wolfip_loopback_poll_null_container);
     tcase_add_test(tc_utils, test_wolfip_loopback_send_drops_oversize);
     tcase_add_test(tc_utils, test_wolfip_loopback_send_null_container);
     tcase_add_test(tc_utils, test_wolfip_loopback_send_rejects_null_args);
@@ -770,7 +773,8 @@ Suite *wolf_suite(void)
     tcase_add_test(tc_proto, test_regression_syn_on_established_not_silently_processed);
     tcase_add_test(tc_proto, test_regression_syn_on_last_ack_not_silently_processed);
     tcase_add_test(tc_proto, test_regression_full_txbuf_still_sends_pure_ack);
-    tcase_add_test(tc_proto, test_regression_loopback_immediate_pure_ack_uses_loopback_ll);
+    tcase_add_test(tc_proto, test_regression_loopback_pure_ack_uses_deferred_buffer_until_poll);
+    tcase_add_test(tc_proto, test_regression_loopback_pure_ack_drain_allows_next_send_cycle);
     tcase_add_test(tc_proto, test_regression_tcp_tx_desc_payload_len_keeps_descriptor_layout_sanity);
     tcase_add_test(tc_proto, test_regression_fast_recovery_cwnd_ssthresh_rfc5681);
     tcase_add_test(tc_proto, test_regression_paws_rejects_stale_timestamp);

src/test/unit/unit_esp.c

@@ -28,6 +28,7 @@
 #undef  WOLFIP_MAX_INTERFACES
 #define WOLFIP_MAX_INTERFACES 1
 #undef  WOLFIP_ENABLE_LOOPBACK
+#define WOLFIP_ENABLE_LOOPBACK 0
 
 #include "check.h"
 #include "../../../config.h"

src/test/unit/unit_tests_proto.c

@@ -2967,6 +2967,7 @@ START_TEST(test_wolfip_loopback_defaults)
     loop = wolfIP_getdev_ex(&s, TEST_LOOPBACK_IF);
     ck_assert_ptr_nonnull(loop);
     ck_assert_ptr_nonnull(loop->send);
+    ck_assert_ptr_eq(loop->poll, wolfIP_loopback_poll);
     ck_assert_uint_eq(loop->mac[0], 0x02);
 
     wolfIP_ipconfig_get_ex(&s, TEST_LOOPBACK_IF, &ip, &mask, &gw);
@@ -2997,7 +2998,73 @@ START_TEST(test_wolfip_loopback_send_paths)
 
     ck_assert_int_eq(wolfIP_loopback_send(NULL, frame, sizeof(frame)), -1);
     ck_assert_int_eq(wolfIP_loopback_send(loop, NULL, sizeof(frame)), -1);
-    ck_assert_int_eq(wolfIP_loopback_send(loop, frame, sizeof(frame)), (int)sizeof(frame));
+    /* Fill the queue, each slot enqueue returns the byte count. */
+    for (unsigned int i = 0; i < WOLFIP_LOOPBACK_QUEUE_DEPTH; i++) {
+        ck_assert_int_eq(wolfIP_loopback_send(loop, frame, sizeof(frame)),
+                         (int)sizeof(frame));
+    }
+    /* Next send must be dropped because the queue is full. */
+    ck_assert_int_eq(wolfIP_loopback_send(loop, frame, sizeof(frame)), 0);
+}
+END_TEST
+
+START_TEST(test_wolfip_loopback_poll_paths)
+{
+    struct wolfIP s;
+    struct wolfIP_ll_dev *loop;
+    uint8_t tx[16];
+    uint8_t rx[16];
+
+    wolfIP_init(&s);
+    loop = wolfIP_getdev_ex(&s, TEST_LOOPBACK_IF);
+    ck_assert_ptr_nonnull(loop);
+
+    memset(tx, 0x5A, sizeof(tx));
+    memset(rx, 0, sizeof(rx));
+
+    ck_assert_int_eq(wolfIP_loopback_poll(NULL, rx, sizeof(rx)), 0);
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, NULL, sizeof(rx)), 0);
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, rx, sizeof(rx)), 0);
+
+    ck_assert_int_eq(wolfIP_loopback_send(loop, tx, sizeof(tx)), (int)sizeof(tx));
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, rx, sizeof(rx)), (int)sizeof(rx));
+    ck_assert_mem_eq(rx, tx, sizeof(tx));
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, rx, sizeof(rx)), 0);
+}
+END_TEST
+
+START_TEST(test_wolfip_loopback_poll_keeps_pending_on_short_buffer)
+{
+    struct wolfIP s;
+    struct wolfIP_ll_dev *loop;
+    uint8_t tx[16];
+    uint8_t rx[16];
+
+    wolfIP_init(&s);
+    loop = wolfIP_getdev_ex(&s, TEST_LOOPBACK_IF);
+    ck_assert_ptr_nonnull(loop);
+
+    memset(tx, 0xC3, sizeof(tx));
+    memset(rx, 0, sizeof(rx));
+
+    ck_assert_int_eq(wolfIP_loopback_send(loop, tx, sizeof(tx)), (int)sizeof(tx));
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, rx, sizeof(rx) - 1U), 0);
+    ck_assert_int_eq(wolfIP_loopback_poll(loop, rx, sizeof(rx)), (int)sizeof(rx));
+    ck_assert_mem_eq(rx, tx, sizeof(tx));
+}
+END_TEST
+
+START_TEST(test_wolfip_loopback_poll_null_container)
+{
+    uintptr_t off = (uintptr_t)offsetof(struct wolfIP, ll_dev);
+    struct wolfIP_ll_dev *ll;
+    uint8_t frame[4] = {0};
+
+    if (off == 0)
+        return;
+
+    ll = (struct wolfIP_ll_dev *)off;
+    ck_assert_int_eq(wolfIP_loopback_poll(ll, frame, sizeof(frame)), 0);
 }
 END_TEST
 
@@ -4786,17 +4853,18 @@ START_TEST(test_regression_full_txbuf_still_sends_pure_ack)
 }
 END_TEST
 
-START_TEST(test_regression_loopback_immediate_pure_ack_uses_loopback_ll)
+START_TEST(test_regression_loopback_pure_ack_uses_deferred_buffer_until_poll)
 {
     struct wolfIP s;
     struct tsocket *ts;
     struct wolfIP_ll_dev *loop;
     struct wolfIP_tcp_seg seg;
+    uint32_t expected_pending_len;
 
     wolfIP_init(&s);
     loop = wolfIP_getdev_ex(&s, TEST_LOOPBACK_IF);
     ck_assert_ptr_nonnull(loop);
-    loop->send = mock_send;
+    ck_assert_ptr_eq(loop->send, wolfIP_loopback_send);
     last_frame_sent_size = 0;
     memset(last_frame_sent, 0, sizeof(last_frame_sent));
 
@@ -4822,13 +4890,69 @@ START_TEST(test_regression_loopback_immediate_pure_ack_uses_loopback_ll)
     seg.ack = ee32(ts->sock.tcp.ack);
     seg.hlen = TCP_HEADER_LEN << 2;
     seg.flags = TCP_FLAG_ACK;
+    expected_pending_len = (uint32_t)sizeof(seg) - ETH_HEADER_LEN;
 
     ck_assert_int_eq(tcp_send_empty_immediate(ts, &seg,
             (uint32_t)sizeof(seg)), 0);
     ck_assert_uint_eq(ts->sock.tcp.last_ack, ts->sock.tcp.ack);
-    ck_assert_uint_eq(last_frame_sent_size, (uint32_t)sizeof(seg));
-    ck_assert_mem_eq(seg.ip.eth.dst, loop->mac, 6);
-    ck_assert_mem_eq(seg.ip.eth.src, loop->mac, 6);
+    ck_assert_uint_eq(last_frame_sent_size, 0U);
+    ck_assert_uint_eq(s.loopback_count, 1U);
+    ck_assert_uint_eq(s.loopback_pending_len[s.loopback_head],
+                      expected_pending_len);
+
+    (void)wolfIP_poll(&s, 200);
+    ck_assert_uint_eq(s.loopback_count, 0U);
+}
+END_TEST
+
+START_TEST(test_regression_loopback_pure_ack_drain_allows_next_send_cycle)
+{
+    struct wolfIP s;
+    struct tsocket *ts;
+    struct wolfIP_ll_dev *loop;
+    struct wolfIP_tcp_seg seg;
+    uint8_t rx[IP_MTU_MAX];
+    uint32_t expected_pending_len = (uint32_t)sizeof(seg) - ETH_HEADER_LEN;
+
+    wolfIP_init(&s);
+    loop = wolfIP_getdev_ex(&s, TEST_LOOPBACK_IF);
+    ck_assert_ptr_nonnull(loop);
+
+    ts = &s.tcpsockets[0];
+    memset(ts, 0, sizeof(*ts));
+    ts->proto = WI_IPPROTO_TCP;
+    ts->S = &s;
+    ts->if_idx = TEST_LOOPBACK_IF;
+    ts->sock.tcp.state = TCP_ESTABLISHED;
+    ts->sock.tcp.ack = 100;
+    ts->sock.tcp.seq = 1000;
+    ts->sock.tcp.snd_una = 900;
+    ts->sock.tcp.cwnd = TXBUF_SIZE;
+    ts->sock.tcp.peer_rwnd = TXBUF_SIZE;
+    ts->src_port = 1234;
+    ts->dst_port = 4321;
+    ts->local_ip = 0x7F000001U;
+    ts->remote_ip = 0x7F000001U;
+    memset(&seg, 0, sizeof(seg));
+    seg.src_port = ee16(ts->src_port);
+    seg.dst_port = ee16(ts->dst_port);
+    seg.seq = ee32(ts->sock.tcp.seq);
+    seg.ack = ee32(ts->sock.tcp.ack);
+    seg.hlen = TCP_HEADER_LEN << 2;
+    seg.flags = TCP_FLAG_ACK;
+
+    ck_assert_int_eq(tcp_send_empty_immediate(ts, &seg, (uint32_t)sizeof(seg)), 0);
+    ck_assert_uint_eq(s.loopback_count, 1U);
+    ck_assert_uint_eq(s.loopback_pending_len[s.loopback_head],
+                      expected_pending_len);
+
+    ck_assert_int_eq(loop->poll(loop, rx, sizeof(rx)), (int)expected_pending_len);
+    ck_assert_uint_eq(s.loopback_count, 0U);
+
+    ck_assert_int_eq(tcp_send_empty_immediate(ts, &seg, (uint32_t)sizeof(seg)), 0);
+    ck_assert_uint_eq(s.loopback_count, 1U);
+    ck_assert_uint_eq(s.loopback_pending_len[s.loopback_head],
+                      expected_pending_len);
 }
 END_TEST