Synced updates from internal repo: updated layer types for AGUEVar0, AGUEVar1, and APSP; implemented related tests; ran go mod tidy to update dependencies.

Author: tengyiG

go.mod

@@ -5,7 +5,6 @@ go 1.12
 require (
 	github.com/vishvananda/netlink v1.1.0
 	github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f
-	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
 	golang.org/x/net v0.0.0-20190620200207-3b0461eec859
 	golang.org/x/sys v0.0.0-20200217220822-9197077df867
 )

go.sum

@@ -4,24 +4,10 @@ github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17
 github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f h1:p4VB7kIXpOQvVn1ZaTIVp+3vuYAXFe3OJEvjbUYJLaA=
 github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67 h1:1Fzlr8kkDLQwqMP8GxrhptBLqZG/EDpiATneiZHY998=
-golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200217220822-9197077df867 h1:JoRuNIf+rpHl+VhScRQQvzbHed86tKkqwPMV34T8myw=
 golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7 h1:EBZoQjiKKPaLbPrbpssUfuHtwM6KV/vb4U85g/cigFY=
-golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

layers/ague_var0.go

@@ -0,0 +1,105 @@
+// Copyright 2025 Google, Inc. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style license
+// that can be found in the LICENSE file in the root of the source
+// tree.
+
+package layers
+
+import (
+	"errors"
+
+	"github.com/google/gopacket"
+)
+
+// AGUEVar0 represents a packet encoded with Generic UDP Encapsulation.
+// It should sit "under" a UDP layer with dest port 666.
+//
+// For more information about the meaning of the fields, see
+// https://tools.ietf.org/html/draft-ietf-intarea-gue-04#section-3.1
+type AGUEVar0 struct {
+	Version    uint8
+	C          bool
+	Protocol   IPProtocol
+	Flags      uint16
+	Extensions []byte
+	Data       []byte
+}
+
+// LayerType returns this pseudo-header's type as defined in layertypes.go
+func (l AGUEVar0) LayerType() gopacket.LayerType {
+	return LayerTypeAGUEVar0
+}
+
+// LayerContents returns a byte array containing our serialized header.
+func (l AGUEVar0) LayerContents() []byte {
+	b := make([]byte, 4, 4+len(l.Extensions))
+	hlen := uint8(len(l.Extensions))
+	b[0] = l.Version<<6 | hlen
+	if l.C {
+		b[0] |= 0x20
+	}
+	b[0] |= hlen
+	b[1] = byte(l.Protocol)
+	b[2] = byte(l.Flags >> 8)
+	b[3] = byte(l.Flags & 0xff)
+	b = append(b, l.Extensions...)
+	return b
+}
+
+// LayerPayload returns an IPv4 or IPv6 packet in serialized form.
+func (l AGUEVar0) LayerPayload() []byte {
+	return l.Data
+}
+
+// SerializeTo writes our header into SerializeBuffer.
+func (l AGUEVar0) SerializeTo(buf gopacket.SerializeBuffer, opts gopacket.SerializeOptions) error {
+	b := l.LayerContents()
+	writeTo, err := buf.PrependBytes(len(b))
+	if err != nil {
+		return err
+	}
+	copy(writeTo, b)
+	return nil
+}
+
+// CanDecode returns the type of layer we can decode.
+func (l AGUEVar0) CanDecode() gopacket.LayerClass {
+	return LayerTypeAGUEVar0
+}
+
+// DecodeFromBytes extracts our header data from a serialized packet.
+func (l *AGUEVar0) DecodeFromBytes(data []byte, df gopacket.DecodeFeedback) error {
+	l.Version = data[0] >> 6
+	l.C = data[0]&0x20 != 0
+	l.Protocol = IPProtocol(data[1])
+	l.Flags = (uint16(data[2]) << 8) | uint16(data[3])
+	hlen := data[0] & 0x1f
+	l.Extensions = data[4 : 4+hlen]
+	l.Data = data[4+hlen:]
+	return nil
+}
+
+// NextLayerType returns the next layer type, e.g. LayerTypeIPv4
+func (l AGUEVar0) NextLayerType() gopacket.LayerType {
+	return l.Protocol.LayerType()
+}
+
+// decodeAGUE decodes AGUEVar0 or AGUEVar1, depending on the first data byte.
+// If AGUEVar1, it refers the packet to AGUEVar1 for decoding.
+// Else it adds AGUEVar0 layer info to the packet object, recursively decodes
+// remaining layers, and returns the next-layer type (IPv4 or IPv6).
+func decodeAGUE(data []byte, p gopacket.PacketBuilder) error {
+	if len(data) == 0 {
+		return errors.New("decodeAGUE() failed, no data")
+	}
+	if data[0]>>6 == 1 {
+		return decodeAGUEVar1(data, p)
+	}
+	l := AGUEVar0{}
+	if err := l.DecodeFromBytes(data, gopacket.NilDecodeFeedback); err != nil {
+		return err
+	}
+	p.AddLayer(l)
+	return p.NextDecoder(l.NextLayerType())
+}

layers/ague_var0_test.go

@@ -0,0 +1,112 @@
+// Copyright 2025 Google, Inc. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style license
+// that can be found in the LICENSE file in the root of the source
+// tree.
+
+package layers
+
+import (
+	"encoding/hex"
+	"net"
+	"testing"
+
+	"github.com/google/gopacket"
+)
+
+func TestGueDecoding(t *testing.T) {
+	// This is a packet generated by the Linux kernel GUE implementation, captured
+	// by pcap. It includes:
+	// - Ethernet
+	// - IPv4
+	// - UDP
+	// - AGueVar0 (port 666)
+	// - IPv4
+	// - ICMP (ping)
+	// TODO: build a test packet using port 666 (0x029a)
+	ph := `02427b2522f502420ae0d90608004500007451ea4000ff119d050ae0d9060afa9da88c0f029a00608cfa000400004500005459f240004001e2cd0ae0d9060afd0f0608000a7e005f000cea811f59000000005daa080000000000000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f2021222324252627`
+	pr, err := hex.DecodeString(ph)
+	if err != nil {
+		t.Errorf("Error decoding hex packet: %v", err)
+	}
+
+	p := gopacket.NewPacket(pr, LayerTypeEthernet, gopacket.Default)
+	// require.Nil(t, p.ErrorLayer())
+	if p.ErrorLayer() != nil {
+		t.Errorf("AGUEVar0 layer is nil")
+	}
+	t.Logf("%v", p)
+
+	gue := p.Layer(LayerTypeAGUEVar0).(AGUEVar0)
+	// require.NotNil(t, gue)
+	if uint8(0) != gue.Version {
+		t.Errorf("gue.Version is not 0")
+	}
+}
+
+var testIPv4OverAGUEVar0 = []gopacket.SerializableLayer{
+	&Ethernet{
+		SrcMAC:       net.HardwareAddr{142, 122, 18, 195, 169, 113},
+		DstMAC:       net.HardwareAddr{58, 86, 107, 105, 89, 94},
+		EthernetType: EthernetTypeIPv4,
+	},
+	&IPv4{
+		Version:  4,
+		SrcIP:    net.IP{192, 168, 1, 1},
+		DstIP:    net.IP{192, 168, 1, 2},
+		Protocol: IPProtocolUDP,
+		Flags:    IPv4DontFragment,
+		TTL:      64,
+		Id:       33852,
+		IHL:      5,
+	},
+	&UDP{
+		SrcPort: 8,
+		DstPort: 666,
+	},
+	&AGUEVar0{
+		Protocol: IPProtocolIPv4,
+	},
+	&IPv4{
+		Version:  4,
+		SrcIP:    net.IP{172, 16, 1, 1},
+		DstIP:    net.IP{172, 16, 2, 1},
+		Protocol: IPProtocolICMPv4,
+		Flags:    IPv4DontFragment,
+		TTL:      64,
+		IHL:      5,
+		Id:       1160,
+	},
+	&ICMPv4{
+		TypeCode: CreateICMPv4TypeCode(ICMPv4TypeEchoRequest, 0),
+		Id:       4724,
+		Seq:      1,
+	},
+	gopacket.Payload{
+		0xc8, 0x92, 0xa3, 0x54, 0x00, 0x00, 0x00, 0x00, 0x38, 0x0c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+		0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+		0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+	},
+}
+
+func TestIPv4OverAGUEVar0Encode(t *testing.T) {
+	b := gopacket.NewSerializeBuffer()
+	opts := gopacket.SerializeOptions{
+		ComputeChecksums: false, // if desired, see gre_test:setNetworkLayer()
+		FixLengths:       true,
+	}
+	if err := gopacket.SerializeLayers(b, opts, testIPv4OverAGUEVar0...); err != nil {
+		t.Errorf("Unable to serialize: %v", err)
+	}
+	p := gopacket.NewPacket(b.Bytes(), LinkTypeEthernet, gopacket.Default)
+	if p.ErrorLayer() != nil {
+		t.Error("Failed to decode packet:", p.ErrorLayer().Error())
+	}
+	checkLayers(p, []gopacket.LayerType{LayerTypeEthernet, LayerTypeIPv4, LayerTypeUDP, LayerTypeAGUEVar0, LayerTypeIPv4, LayerTypeICMPv4, gopacket.LayerTypePayload}, t)
+
+	// We don't have a corresponding sample packet capture, but if we did, the verify would look like this:
+	// if got, want := b.Bytes(), testPacketAGUEVar0``; !reflect.DeepEqual(want, got) {
+	// 	t.Errorf("Encoding mismatch, \nwant: %v\ngot %v\n", want, got)
+	// }
+}

layers/ague_var1.go

@@ -0,0 +1,84 @@
+// Copyright 2025 Google, Inc. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style license
+// that can be found in the LICENSE file in the root of the source
+// tree.
+
+package layers
+
+import (
+	"errors"
+
+	"github.com/google/gopacket"
+)
+
+// An AGUEVar1 header is mostly imaginary, having a length of 0 in its serialized form.
+// IPProtocol value is either IPProtocolIPv4 or IPProtocolIPv6, depending on the encapped
+// IP header contained in Data, which must begin with the high-order bits 01.
+type AGUEVar1 struct {
+	Protocol IPProtocol
+	Data     []byte
+}
+
+// LayerType returns this pseudo-header's type as defined in layertypes.go
+func (l AGUEVar1) LayerType() gopacket.LayerType {
+	return LayerTypeAGUEVar1
+}
+
+// LayerContents returns an empty byte array, because this header has no length.
+func (l AGUEVar1) LayerContents() []byte {
+	b := make([]byte, 0, 0)
+	return b
+}
+
+// LayerPayload returns an IPv4 or IPv6 packet in serialized form.
+func (l AGUEVar1) LayerPayload() []byte {
+	return l.Data
+}
+
+// SerializeTo writes our imaginary header into SerializeBuffer. This amount to a noop.
+func (l AGUEVar1) SerializeTo(buf gopacket.SerializeBuffer, opts gopacket.SerializeOptions) error {
+	return nil
+}
+
+// CanDecode returns the type of layer we can decode.
+func (l AGUEVar1) CanDecode() gopacket.LayerClass {
+	return LayerTypeAGUEVar1
+}
+
+// DecodeFromBytes extracts our pseudo-header data from a serialized packet.
+// There's only one thing, the next header type, which is either IPv4 or IPv6.
+// They are crafted to keep their own header type in the first nibble.
+// So we peek into the IP header to get the next-layer protocol type.
+func (l *AGUEVar1) DecodeFromBytes(data []byte, df gopacket.DecodeFeedback) error {
+	if len(data) < 1 {
+		return errors.New("DecodeFromBytes() failed, no data")
+	}
+	ipVersion := data[0] >> 4
+	if ipVersion == 4 {
+		l.Protocol = IPProtocolIPv4
+	} else if ipVersion == 6 {
+		l.Protocol = IPProtocolIPv6
+	} else {
+		return errors.New("DecodeFromBytes() failed, unknown IP version")
+	}
+	l.Data = data
+	return nil
+}
+
+// NextLayerType returns the next layer type, e.g. LayerTypeIPv4
+func (l AGUEVar1) NextLayerType() gopacket.LayerType {
+	return l.Protocol.LayerType()
+}
+
+// decodeAGUEVar1 decodes packet data to figure out the next-layer IP type,
+// then adds AGUEVar1 layer info to the packet object, recursively decodes
+// remaining layers, and returns the next-layer type.
+func decodeAGUEVar1(data []byte, p gopacket.PacketBuilder) error {
+	l := AGUEVar1{}
+	if err := l.DecodeFromBytes(data, gopacket.NilDecodeFeedback); err != nil {
+		return err
+	}
+	p.AddLayer(l)
+	return p.NextDecoder(l.NextLayerType())
+}