| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9fb5e3df069db50396799a250c4db761b1505dd3.camel@redhat.com>
Date: Tue, 12 Jul 2022 10:19:23 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Nicolas Dichtel <nicolas.dichtel@...nd.com>,
"David S . Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Eric Dumazet <edumazet@...gle.com>,
David Ahern <dsahern@...nel.org>
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH net 2/2] selftests/net: test nexthop without gw
On Wed, 2022-07-06 at 18:05 +0200, Nicolas Dichtel wrote:
> This test implement the scenario described in the previous patch.
>
> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> ---
> tools/testing/selftests/net/Makefile | 2 +-
> .../selftests/net/fib_nexthop_nongw.sh | 125 ++++++++++++++++++
> 2 files changed, 126 insertions(+), 1 deletion(-)
> create mode 100755 tools/testing/selftests/net/fib_nexthop_nongw.sh
>
> diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile
> index ddad703ace34..db05b3764b77 100644
> --- a/tools/testing/selftests/net/Makefile
> +++ b/tools/testing/selftests/net/Makefile
> @@ -11,7 +11,7 @@ TEST_PROGS += udpgso_bench.sh fib_rule_tests.sh msg_zerocopy.sh psock_snd.sh
> TEST_PROGS += udpgro_bench.sh udpgro.sh test_vxlan_under_vrf.sh reuseport_addr_any.sh
> TEST_PROGS += test_vxlan_fdb_changelink.sh so_txtime.sh ipv6_flowlabel.sh
> TEST_PROGS += tcp_fastopen_backup_key.sh fcnal-test.sh l2tp.sh traceroute.sh
> -TEST_PROGS += fin_ack_lat.sh fib_nexthop_multiprefix.sh fib_nexthops.sh
> +TEST_PROGS += fin_ack_lat.sh fib_nexthop_multiprefix.sh fib_nexthops.sh fib_nexthop_nongw.sh
> TEST_PROGS += altnames.sh icmp.sh icmp_redirect.sh ip6_gre_headroom.sh
> TEST_PROGS += route_localnet.sh
> TEST_PROGS += reuseaddr_ports_exhausted.sh
> diff --git a/tools/testing/selftests/net/fib_nexthop_nongw.sh b/tools/testing/selftests/net/fib_nexthop_nongw.sh
> new file mode 100755
> index 000000000000..6e82562eaf4a
> --- /dev/null
> +++ b/tools/testing/selftests/net/fib_nexthop_nongw.sh
> @@ -0,0 +1,125 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +#
> +# ns: h1 | ns: h2
Trailing whitespace above
> +# 192.168.0.1/24 |
> +# eth0 |
> +# | 192.168.1.1/32
> +# veth0 <---|---> veth1
same here.
> +# Validate source address selection for route without gateway
> +
> +PAUSE_ON_FAIL=no
> +VERBOSE=0
> +ret=0
> +
> +################################################################################
> +# helpers
> +
> +log_test()
> +{
> + local rc=$1
> + local expected=$2
> + local msg="$3"
> +
> + if [ ${rc} -eq ${expected} ]; then
> + printf "TEST: %-60s [ OK ]\n" "${msg}"
> + nsuccess=$((nsuccess+1))
> + else
> + ret=1
> + nfail=$((nfail+1))
> + printf "TEST: %-60s [FAIL]\n" "${msg}"
> + if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
> + echo
> + echo "hit enter to continue, 'q' to quit"
> + read a
> + [ "$a" = "q" ] && exit 1
> + fi
> + fi
> +
> + [ "$VERBOSE" = "1" ] && echo
> +}
> +
> +run_cmd()
> +{
> + local cmd="$*"
> + local out
> + local rc
> +
> + if [ "$VERBOSE" = "1" ]; then
> + echo "COMMAND: $cmd"
> + fi
> +
> + out=$(eval $cmd 2>&1)
> + rc=$?
> + if [ "$VERBOSE" = "1" -a -n "$out" ]; then
> + echo "$out"
> + fi
> +
> + [ "$VERBOSE" = "1" ] && echo
> +
> + return $rc
> +}
> +
> +################################################################################
> +# config
> +setup()
> +{
> + ip netns add h1
> + ip -n h1 link set lo up
> + ip netns add h2
> + ip -n h2 link set lo up
> + sleep 1
Why is this needed here? same question for the 'sleep 2' after the
setup.
> +
> + # Add a fake eth0 to support an ip address
> + ip -n h1 link add name eth0 type dummy
> + ip -n h1 link set eth0 up
> + ip -n h1 address add 192.168.0.1/24 dev eth0
> +
> + # Configure veths (same @mac, arp off)
> + ip -n h1 link add name veth0 type veth peer name veth1 netns h2
> + ip -n h1 link set veth0 address 00:09:c0:26:05:82
> + ip -n h1 link set veth0 arp off
As in the example in the previous commit, I suggest to drop the
apparently not relevant 'arp off'/ static macs
> + ip -n h1 link set veth0 up
> +
> + ip -n h2 link set veth1 address 00:09:c0:26:05:82
> + ip -n h2 link set veth1 arp off
> + ip -n h2 link set veth1 up
> +
> + # Configure @IP in the peer netns
> + ip -n h2 address add 192.168.1.1/32 dev veth1
> + ip -n h2 route add default dev veth1
> +
> + # Add a nexthop without @gw and use it in a route
> + ip -n h1 nexthop add id 1 dev veth0
> + ip -n h1 route add 192.168.1.1 nhid 1
> +}
> +
> +cleanup()
> +{
> + ip netns del h1 2>/dev/null
> + ip netns del h2 2>/dev/null
> +}
This become more roboust if you add a
trap cleanup EXIT
additionally, with the above you could remove the explicit cleanups
below
> +
> +################################################################################
> +# main
> +
> +while getopts :pv o
> +do
> + case $o in
> + p) PAUSE_ON_FAIL=yes;;
> + v) VERBOSE=1;;
> + esac
> +done
> +
> +cleanup
> +setup
> +sleep 2
> +
> +run_cmd ip -netns h1 route get 192.168.1.1
> +log_test $? 0 "nexthop: get route with nexthop without gw"
> +run_cmd ip netns exec h1 ping -c1 192.168.1.1
> +log_test $? 0 "nexthop: ping through nexthop without gw"
> +
> +cleanup
> +
> +exit $ret
Powered by blists - more mailing lists