lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7c2846f575b3477a12022b30dde5bb05dab9b065.1625056665.git.gnault@redhat.com>
Date:   Wed, 30 Jun 2021 14:51:41 +0200
From:   Guillaume Nault <gnault@...hat.com>
To:     David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
Cc:     netdev@...r.kernel.org, David Ahern <dsahern@...il.com>,
        Shuah Khan <shuah@...nel.org>, linux-kselftest@...r.kernel.org
Subject: [PATCH net-next 2/4] selftests: forwarding: Test redirecting sit
 packets to Ethernet

Add selftests for the following commit:
  * 730eed2772e7 ("sit: allow redirecting ip6ip, ipip and mplsip
    packets to eth devices").

In collect_md mode, if a fallback sit tunnel is already created, the
script can't create its own sit device (EEXIST). Therefore, we have to
skip this test when such fallback tunnels are created automatically in
new network namespaces.

Also, sit devices in ip6ip mode don't work in collect_md mode. Skip the
test for the moment.

Signed-off-by: Guillaume Nault <gnault@...hat.com>
---
 tools/testing/selftests/net/forwarding/config |  1 +
 .../net/forwarding/tc_redirect_l2l3.sh        | 60 +++++++++++++++++++
 2 files changed, 61 insertions(+)

diff --git a/tools/testing/selftests/net/forwarding/config b/tools/testing/selftests/net/forwarding/config
index 9d28f801866f..c543b441a8b5 100644
--- a/tools/testing/selftests/net/forwarding/config
+++ b/tools/testing/selftests/net/forwarding/config
@@ -18,3 +18,4 @@ CONFIG_NAMESPACES=y
 CONFIG_NET_NS=y
 CONFIG_NET_IPGRE=m
 CONFIG_NET_IPIP=m
+CONFIG_IPV6_SIT=m
diff --git a/tools/testing/selftests/net/forwarding/tc_redirect_l2l3.sh b/tools/testing/selftests/net/forwarding/tc_redirect_l2l3.sh
index 3e69b5deb608..fd9e15a6417b 100755
--- a/tools/testing/selftests/net/forwarding/tc_redirect_l2l3.sh
+++ b/tools/testing/selftests/net/forwarding/tc_redirect_l2l3.sh
@@ -24,6 +24,7 @@
 ALL_TESTS="
 	redir_gre
 	redir_ipip
+	redir_sit
 "
 
 NUM_NETIFS=0
@@ -226,6 +227,39 @@ ping_test()
 	set -e
 }
 
+# Inform the user and the kselftest infrastructure that a test has been
+# skipped.
+#
+# Parameters:
+#
+#   $1: Description of the reason why the test was skipped.
+#
+skip_test()
+{
+	echo "SKIP: $1"
+
+	# Do not override KSFT_FAIL
+	if [ "${KSFT_RET}" -eq "${KSFT_PASS}" ]; then
+		KSFT_RET="${KSFT_SKIP}"
+	fi
+}
+
+# Check that no fallback tunnels are automatically created in new network
+# namespaces.
+#
+has_fb_tunnels()
+{
+	local FB_TUNNELS
+
+	FB_TUNNELS=$(sysctl -n net.core.fb_tunnels_only_for_init_net 2>/dev/null || echo 0);
+
+	if [ "${FB_TUNNELS}" -ne 0 ]; then
+		return 1
+	else
+		return 0
+	fi
+}
+
 redir_gre()
 {
 	setup_tunnel "ipv4" "classical" "gre"
@@ -258,6 +292,32 @@ redir_ipip()
 	cleanup_tunnel
 }
 
+redir_sit()
+{
+	setup_tunnel "ipv4" "classical" "sit" "mode any"
+	ping_test ipv4 "SIT, classical mode: IPv4 / IPv4"
+	ping_test ipv6 "SIT, classical mode: IPv4 / IPv6"
+	ping_test ipv4-mpls "SIT, classical mode: IPv4 / MPLS / IPv4"
+	ping_test ipv6-mpls "SIT, classical mode: IPv4 / MPLS / IPv6"
+	cleanup_tunnel
+
+	if has_fb_tunnels; then
+		skip_test "SIT, can't test the external mode, fallback tunnels are enabled: try \"sysctl -wq net.core.fb_tunnels_only_for_init_net=2\""
+		return 0
+	fi
+
+	setup_tunnel "ipv4" "collect_md" "sit" "mode any external"
+	ping_test ipv4 "SIT, external mode: IPv4 / IPv4"
+
+	# ip6ip currently doesn' work in collect_md mode
+	skip_test "SIT, ip6ip is known to fail in external mode (at least on Linux 5.13 and earlier versions)"
+	#ping_test ipv6 "SIT, external mode: IPv4 / IPv6"
+
+	ping_test ipv4-mpls "SIT, external mode: IPv4 / MPLS / IPv4"
+	ping_test ipv6-mpls "SIT, external mode: IPv4 / MPLS / IPv6"
+	cleanup_tunnel
+}
+
 exit_cleanup()
 {
 	if [ "${TESTS_COMPLETED}" = "no" ]; then
-- 
2.21.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ