lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2d198b1f309a5c7b44cfae80647148eb922050e7.camel@redhat.com>
Date:   Tue, 02 May 2023 12:14:14 +0200
From:   Paolo Abeni <pabeni@...hat.com>
To:     Vladimir Nikishkin <vladimir@...ishkin.pw>, netdev@...r.kernel.org
Cc:     davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
        eng.alaamohamedsoliman.am@...il.com, gnault@...hat.com,
        razor@...ckwall.org, idosch@...dia.com, liuhangbin@...il.com,
        eyal.birger@...il.com, jtoppins@...hat.com, shuah@...nel.org,
        linux-kselftest@...r.kernel.org
Subject: Re: [PATCH net-next v7 2/2] Add tests for vxlan nolocalbypass
 option.

On Tue, 2023-05-02 at 00:25 +0800, Vladimir Nikishkin wrote:
> Add test to make sure that the localbypass option is on by default.
> 
> Add test to change vxlan localbypass to nolocalbypass and check
> that packets are delivered to userspace.
> 
> Signed-off-by: Vladimir Nikishkin <vladimir@...ishkin.pw>
> ---
>  tools/testing/selftests/net/Makefile          |   1 +
>  .../selftests/net/test_vxlan_nolocalbypass.sh | 234 ++++++++++++++++++
>  2 files changed, 235 insertions(+)
>  create mode 100755 tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
> 
> diff --git a/tools/testing/selftests/net/Makefile b/tools/testing/selftests/net/Makefile
> index c12df57d5539..7f3ab2a93ed6 100644
> --- a/tools/testing/selftests/net/Makefile
> +++ b/tools/testing/selftests/net/Makefile
> @@ -84,6 +84,7 @@ TEST_GEN_FILES += ip_local_port_range
>  TEST_GEN_FILES += bind_wildcard
>  TEST_PROGS += test_vxlan_mdb.sh
>  TEST_PROGS += test_bridge_neigh_suppress.sh
> +TEST_PROGS += test_vxlan_nolocalbypass.sh
>  
>  TEST_FILES := settings
>  
> diff --git a/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
> new file mode 100755
> index 000000000000..d8e48ab1e7e0
> --- /dev/null
> +++ b/tools/testing/selftests/net/test_vxlan_nolocalbypass.sh
> @@ -0,0 +1,234 @@
> +#!/bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +
> +# This file is testing that the [no]localbypass option for a vxlan device is
> +# working. With the nolocalbypass option, packets to a local destination, which
> +# have no corresponding vxlan in the kernel, will be delivered to userspace, for
> +# any userspace process to process. In this test tcpdump plays the role of such a
> +# process. This is what the test 1 is checking.
> +# The test 2 checks that without the nolocalbypass (which is equivalent to the
> +# localbypass option), the packets do not reach userspace.
> +
> +EXIT_SUCCESS=0
> +EXIT_FAIL=1
> +ksft_skip=4
> +nsuccess=0
> +nfail=0
> +
> +ret=0
> +
> +TESTS="
> +changelink_nolocalbypass_simple
> +"
> +VERBOSE=0
> +PAUSE_ON_FAIL=no
> +PAUSE=no
> +
> +
> +NETNS_NAME=vxlan_nolocalbypass_test
> +
> +################################################################################
> +# Utilities
> +
> +log_test()
> +{
> +	local rc=$1
> +	local expected=$2
> +	local msg="$3"
> +
> +	if [ ${rc} -eq ${expected} ]; then
> +		printf "TEST: %-60s  [ OK ]\n" "${msg}"
> +		nsuccess=$((nsuccess+1))
> +	else
> +		ret=1
> +		nfail=$((nfail+1))
> +		printf "TEST: %-60s  [FAIL]\n" "${msg}"
> +		if [ "$VERBOSE" = "1" ]; then
> +			echo "    rc=$rc, expected $expected"
> +		fi
> +
> +		if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
> +		echo
> +			echo "hit enter to continue, 'q' to quit"
> +			read a
> +			[ "$a" = "q" ] && exit 1
> +		fi
> +	fi
> +
> +	if [ "${PAUSE}" = "yes" ]; then
> +		echo
> +		echo "hit enter to continue, 'q' to quit"
> +		read a
> +		[ "$a" = "q" ] && exit 1
> +	fi
> +
> +	[ "$VERBOSE" = "1" ] && echo
> +}
> +
> +run_cmd()
> +{
> +	local cmd="$1"
> +	local out
> +	local stderr="2>/dev/null"
> +
> +	if [ "$VERBOSE" = "1" ]; then
> +		printf "COMMAND: $cmd\n"
> +		stderr=
> +	fi
> +
> +	out=$(eval $cmd $stderr)
> +	rc=$?
> +	if [ "$VERBOSE" = "1" -a -n "$out" ]; then
> +		echo "    $out"
> +	fi
> +
> +	return $rc
> +}
> +
> +socat_check_packets()
> +{
> +  echo TODO
> +  exit 1

Minor nit: please use a consistent number of spaces to indent e.g. 4

Note that net-next is currently close, you should submit the next
revision when net-next reopens after May 8th.

Cheers,

Paolo

Powered by blists - more mailing lists