| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220411133837.318876-14-troglobit@gmail.com>
Date: Mon, 11 Apr 2022 15:38:37 +0200
From: Joachim Wiberg <troglobit@...il.com>
To: Roopa Prabhu <roopa@...dia.com>,
Nikolay Aleksandrov <razor@...ckwall.org>
Cc: netdev@...r.kernel.org, bridge@...ts.linux-foundation.org,
"David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Joachim Wiberg <troglobit@...il.com>,
Tobias Waldekranz <tobias@...dekranz.com>,
Vladimir Oltean <vladimir.oltean@....com>
Subject: [PATCH RFC net-next 13/13] selftests: forwarding: verify flood of known mc on mcast_router port
This test verifies that both known (in mdb) and unknown IP multicast is
forwarded to a mcast_router port.
Signed-off-by: Joachim Wiberg <troglobit@...il.com>
---
.../selftests/net/forwarding/bridge_mdb.sh | 54 ++++++++++++++++++-
1 file changed, 53 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/net/forwarding/bridge_mdb.sh b/tools/testing/selftests/net/forwarding/bridge_mdb.sh
index 137bc79fd677..3fd7d68bca09 100755
--- a/tools/testing/selftests/net/forwarding/bridge_mdb.sh
+++ b/tools/testing/selftests/net/forwarding/bridge_mdb.sh
@@ -10,13 +10,16 @@
# Verify selective multicast forwarding (strict mdb), when bridge port
# mcast_flood is disabled, of known MAC, IPv4, IPv6 traffic.
#
+# Verify flooding towards mcast_router ports of known IP multicast.
+#
# Note: this test completely disables IPv6 auto-configuration to avoid
# any type of dynamic behavior outside of MLD and IGMP protocols.
# Static IPv6 addresses are used to ensure consistent behavior,
# even in the startup phase when multicast snooping is enabled.
#
-ALL_TESTS="mdb_add_del_test mdb_compat_fwd_test mdb_mac_fwd_test mdb_ip4_fwd_test mdb_ip6_fwd_test"
+ALL_TESTS="mdb_add_del_test mdb_compat_fwd_test mdb_rport_fwd_test \
+ mdb_mac_fwd_test mdb_ip4_fwd_test mdb_ip6_fwd_test"
NUM_NETIFS=6
SRC_PORT="1234"
@@ -246,6 +249,55 @@ mdb_compat_fwd_test()
do_compat_fwd "br0"
}
+#
+# Verify fwd of IP multicast to router ports. A detected multicast
+# router should always receive both known and unknown multicast.
+#
+mdb_rport_fwd_test()
+{
+ pass_grp=$PASS_GRP_IP4
+ fail_grp=$FAIL_GRP_IP4
+ pass_pkt=$PASS_PKT_IP4
+ fail_pkt=$FAIL_PKT_IP4
+ decoy="br0"
+ port=$h1
+ type="IPv4"
+
+ # Disable flooding of unknown multicast, strict MDB forwarding
+ bridge link set dev "$swp1" mcast_flood off
+ bridge link set dev "$swp2" mcast_flood off
+ bridge link set dev "br0" mcast_flood off self
+
+ # Let h2 act as a multicast router
+ ip link set dev "$swp1" type bridge_slave mcast_router 2
+
+ # Static filter only to this decoy port
+ bridge mdb add dev br0 port $decoy grp "$pass_grp"
+ check_err $? "Failed adding multicast group $pass_grp to bridge port $decoy"
+
+ tcpdump_start "$port"
+
+ # Real data we're expecting
+ $MZ -q "$h2" "$pass_pkt"
+ # This should not pass
+ $MZ -q "$h2" "$fail_pkt"
+
+ sleep 1
+ tcpdump_stop "$port"
+
+ tcpdump_show "$port" |grep -q "$src$spt > $pass_grp$dpt"
+ check_err $? "Failed forwarding $type multicast $pass_grp from $h2 to port $port"
+
+ tcpdump_show "$port" |grep -q "$src$spt > $fail_grp$dpt"
+ check_err $? "Failed forwarding $type multicast $fail_grp from $h2 to port $port"
+
+ bridge mdb del dev br0 port br0 grp "$pass_grp"
+ ip link set dev "$swp1" type bridge_slave mcast_router 1
+
+ log_test "MDB forward all $type multicast to multicast router on $port"
+ tcpdump_cleanup "$port"
+}
+
do_mdb_fwd()
{
type=$1
--
2.25.1
Powered by blists - more mailing lists