lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <PH0PR11MB47925643B3A60192AAD18D7AC5749@PH0PR11MB4792.namprd11.prod.outlook.com>
Date:   Mon, 13 Dec 2021 03:08:37 +0000
From:   "Zhou, Jie2X" <jie2x.zhou@...el.com>
To:     David Ahern <dsahern@...il.com>,
        "lizhijian@...itsu.com" <lizhijian@...itsu.com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "shuah@...nel.org" <shuah@...nel.org>
CC:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "Li, ZhijianX" <zhijianx.li@...el.com>,
        "Li, Philip" <philip.li@...el.com>,
        "Ma, XinjianX" <xinjianx.ma@...el.com>
Subject: Re: [PATCH v2] selftests: net: Correct case name

hi,

I try to apply the "selftests: Fix raw socket bind tests with VRF" patch.
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=0f108ae44520

And found that following changes.
TEST: Raw socket bind to local address - ns-A IP                              [ OK ]
=> TEST: Raw socket bind to local address - ns-A IP                              [FAIL]
TEST: Raw socket bind to local address - VRF IP                               [FAIL]
=> TEST: Raw socket bind to local address - VRF IP                               [ OK ]

Use -v to see the failed details.
#######################################################
COMMAND: ip netns exec ns-A nettest -s -R -P icmp -l 172.16.1.1 -b

TEST: Raw socket bind to local address - ns-A IP                              [FAIL]

best regards,

________________________________________
From: David Ahern <dsahern@...il.com>
Sent: Wednesday, December 8, 2021 12:07 PM
To: lizhijian@...itsu.com; davem@...emloft.net; kuba@...nel.org; shuah@...nel.org
Cc: netdev@...r.kernel.org; linux-kselftest@...r.kernel.org; linux-kernel@...r.kernel.org; Zhou, Jie2X; Li, ZhijianX
Subject: Re: [PATCH v2] selftests: net: Correct case name

On 12/7/21 8:38 PM, lizhijian@...itsu.com wrote:
>
>
> On 08/12/2021 11:14, David Ahern wrote:
>> On 12/6/21 11:05 PM, lizhijian@...itsu.com wrote:
>>>> # TESTS=bind6 ./fcnal-test.sh
>>>>
>>>> ###########################################################################
>>>> IPv6 address binds
>>>> ###########################################################################
>>>>
>>>>
>>>> #################################################################
>>>> No VRF
>>>>
>>>> TEST: Raw socket bind to local address - ns-A IPv6                            [FAIL]
>> This one passes for me.
> Err, i didn't notice this one when i sent this mail. Since it was passed too in my
> previous multiple runs.
>
>
>
>
>>
>> Can you run the test with '-v -p'? -v will give you the command line
>> that is failing. -p will pause the tests at the failure. From there you
>> can do:
>>
>> ip netns exec ns-A bash
>>
>> Look at the routing - no VRF is involved so the address should be local
>> to the device and the loopback. Run the test manually to see if it
>> really is failing.
>
> thanks for your advice, i will take a look if it appears again.
>
>
>
>>
>>
>>>> TEST: Raw socket bind to local address after device bind - ns-A IPv6          [ OK ]
>>>> TEST: Raw socket bind to local address - ns-A loopback IPv6                   [ OK ]
>>>> TEST: Raw socket bind to local address after device bind - ns-A loopback IPv6  [ OK ]
>>>> TEST: TCP socket bind to local address - ns-A IPv6                            [ OK ]
>>>> TEST: TCP socket bind to local address after device bind - ns-A IPv6          [ OK ]
>>>> TEST: TCP socket bind to out of scope local address - ns-A loopback IPv6      [FAIL]
>> This one seems to be a new problem. The socket is bound to eth1 and the
>> address bind is to an address on loopback. That should not be working.

actually that one should be commented out similar to the test at the end
of ipv4_addr_bind_novrf. It documents unexpected behavior - binding to a
device should limit the addresses it can bind to but the kernel does
not. Legacy behavior.

>
> My colleague had another thread with the verbose detailed message
> https://lore.kernel.org/netdev/PH0PR11MB4792DC680F7E383D72C2E8C5C56E9@PH0PR11MB4792.namprd11.prod.outlook.com/
>
>
>
>>
>>>> #################################################################
>>>> With VRF
>>>>
>>>> TEST: Raw socket bind to local address after vrf bind - ns-A IPv6             [ OK ]
>>>> TEST: Raw socket bind to local address after device bind - ns-A IPv6          [ OK ]
>>>> TEST: Raw socket bind to local address after vrf bind - VRF IPv6              [ OK ]
>>>> TEST: Raw socket bind to local address after device bind - VRF IPv6           [ OK ]
>>>> TEST: Raw socket bind to invalid local address after vrf bind - ns-A loopback IPv6  [ OK ]
>>>> TEST: TCP socket bind to local address with VRF bind - ns-A IPv6              [ OK ]
>>>> TEST: TCP socket bind to local address with VRF bind - VRF IPv6               [ OK ]
>>>> TEST: TCP socket bind to local address with device bind - ns-A IPv6           [ OK ]
>>>> TEST: TCP socket bind to VRF address with device bind - VRF IPv6              [FAIL]
>> This failure is similar to the last one. Need to see if a recent commit
>> changed something.
>

similarly here. Want to send a patch that comments them out with the
same explanation as in ipv4_addr_bind_novrf?

Both fail on v5.8 so I do not believe a recent change affected either
test. I guess these bind tests slipped through the cracks with the
misname in the TESTS variable. Thanks for the patch to fix that.

Also, make sure you always cc the author of the Fixes tag when sending
patches.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ